VARIoT latest news about IoT security

Exploitation of CVE-2023-4863 in Google Chrome - NHS Digital Trust: 3.75 Fetched: Sept. 15, 2023, 9:09 a.m., Published: Sept. 15, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2023-4863

Apple users issued urgent warning over new spyware Trust: 4.0 Fetched: Sept. 13, 2023, 9:31 a.m., Published: Sept. 10, 2023, 2:57 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

db:

NVD

ids:

CVE-2023-41061, CVE-2023-41064

Apple patches two zero-day flaws abused to install the Pegasus spyware \| TechSpot Trust: 5.5 Fetched: Sept. 13, 2023, 9:30 a.m., Published: Sept. 13, 4070, midnight	Vulnerabilities: buffer overflow, code execution

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2023-41061, CVE-2023-41064

23-039 (September 12, 2023) - Threat Encyclopedia Trust: 4.75 Fetched: Sept. 13, 2023, 9:26 a.m., Published: Sept. 12, 2023, midnight	Vulnerabilities: file upload vulnerability, code execution, denial of service...

Affected products

External IDs

vendor:

zoho

model:

manageengine adselfservice plus

db:

NVD

ids:

CVE-2022-48343, CVE-2023-28342, CVE-2023-36808, CVE-2023-23843, CVE-2020-12641, CVE-2023-29154, CVE-2023-28128, CVE-2023-38119, CVE-2022-44792, CVE-2023-21758

Two Apple issues added by CISA to the catalog of known exploited vulnerabilities Trust: 5.5 Fetched: Sept. 13, 2023, 9:26 a.m., Published: -	Vulnerabilities: buffer overflow, code execution

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	watchos
vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2023-41061, CVE-2023-41064

CyberCNS - Troubleshooting FAQs - CyberCNS V2 - Confluence Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-1782 Trust: 5.5 Fetched: Sept. 13, 2023, 9:23 a.m., Published: Aug. 23, 2023, midnight	Vulnerabilities: authentication error

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	chrome
vendor:	google	model:	google chrome
vendor:	canary	model:	canary

db:

NVD

ids:

CVE-2021-44228, CVE-2021-45105

Does CVE-2022-38023 have any impact to ONTAP 9? - NetApp Knowledge Base Trust: 3.0 Fetched: Sept. 13, 2023, 9:23 a.m., Published: Jan. 2, 2023, 12:17 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2022-38023

CISA updates advisory on hackers exploiting RCE vulnerability in NetScaler ADC, Gateway devices - Industrial Cyber Trust: 4.5 Fetched: Sept. 13, 2023, 9:22 a.m., Published: Sept. 8, 2023, 11:59 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	citrix	model:	netscaler
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler adc
vendor:	zoho	model:	manageengine servicedesk plus

db:

NVD

ids:

CVE-2023-3519, CVE-2022-47966

UPDATED - Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution Trust: 3.5 Fetched: Sept. 13, 2023, 9:22 a.m., Published: Sept. 25, 2023, midnight	Vulnerabilities: code execution

Affected products	External IDs

DNS Server Settings: What are they & which is the best DNS server? Trust: 3.5 Fetched: Sept. 13, 2023, 9:21 a.m., Published: Aug. 25, 2023, 4:30 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	android
vendor:	knot	model:	dns knot dns
vendor:	cisco	model:	routers
vendor:	cisco	model:	umbrella
vendor:	cisco	model:	router
vendor:	essential	model:	phone

Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices - SecurityWeek Trust: 3.75 Fetched: Sept. 13, 2023, 9:19 a.m., Published: Sept. 11, 2023, midnight	Vulnerabilities: code injection, request forgery, cross-site scripting...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-41965, CVE-2023-40221, CVE-2023-41084

Update Chrome now! Google patches critical vulnerability which is exploited in the wild Trust: 5.5 Fetched: Sept. 13, 2023, 9:18 a.m., Published: Sept. 12, 2023, 8:43 p.m.	Vulnerabilities: buffer overflow, code execution

Affected products

External IDs

vendor:

google

model:

chrome

db:

NVD

ids:

CVE-2023-41064, CVE-2023-4863

Apple races to patch the latest zero-day iPhone exploit • The Register Trust: 4.75 Fetched: Sept. 13, 2023, 9:17 a.m., Published: -	Vulnerabilities: buffer overflow, code execution

Affected products

External IDs

vendor:

apple

model:

iphone

db:

NVD

ids:

CVE-2023-41061, CVE-2023-41064

Ivanti urges customers to apply patch for exploited MobileIron vulnerability Trust: 3.0 Fetched: Sept. 13, 2023, 9:16 a.m., Published: July 24, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2023-35078

Vulnerability in QVPN Device Client for Windows - Security Advisory \| QNAP Trust: 3.25 Fetched: Sept. 13, 2023, 9:09 a.m., Published: May 6, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2022-27595

Google Chrome - Security Vulnerabilities in 2023 Trust: 5.25 Fetched: Sept. 12, 2023, 9:20 a.m., Published: Sept. 12, 2023, midnight	Vulnerabilities: memory corruption, buffer overflow, heap corruption...

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2021-30633, CVE-2023-4764, CVE-2023-4078, CVE-2023-4357, CVE-2021-4318, CVE-2023-3740, CVE-2023-4360, CVE-2023-3737, CVE-2021-4317, CVE-2023-3217, CVE-2023-3421, CVE-2023-4352, CVE-2022-4924, CVE-2021-37976, CVE-2022-3038, CVE-2023-4076, CVE-2021-37973, CVE-2023-4368, CVE-2023-2311, CVE-2021-21166, CVE-2022-4911, CVE-2021-4316, CVE-2022-4914, CVE-2023-4072, CVE-2020-6572, CVE-2023-4430, CVE-2021-37975, CVE-2019-5786, CVE-2020-16017, CVE-2022-4925, CVE-2020-15999, CVE-2022-4915, CVE-2023-2940, CVE-2022-4910, CVE-2023-3728, CVE-2023-4353, CVE-2021-30563, CVE-2023-3735, CVE-2021-4321, CVE-2023-4428, CVE-2023-2941, CVE-2022-4921, CVE-2023-4365, CVE-2023-2933, CVE-2021-30554, CVE-2023-3730, CVE-2022-4907, CVE-2022-4916, CVE-2022-0609, CVE-2023-4351, CVE-2023-2314, CVE-2023-2936, CVE-2023-2931, CVE-2023-4762, CVE-2023-4431, CVE-2022-4912, CVE-2023-4364, CVE-2023-4362, CVE-2023-3215, CVE-2023-2929, CVE-2021-4319, CVE-2021-4323, CVE-2023-3422, CVE-2023-4366, CVE-2023-2930, CVE-2022-4908, CVE-2023-3733, CVE-2023-4572, CVE-2023-4367, CVE-2022-2856, CVE-2021-4320, CVE-2022-4906, CVE-2023-2934, CVE-2022-4955, CVE-2022-4919, CVE-2023-4429, CVE-2023-3420, CVE-2023-3214, CVE-2023-4077, CVE-2023-3734, CVE-2023-2938, CVE-2022-4913, CVE-2023-3738, CVE-2023-3732, CVE-2022-4923, CVE-2023-4354, CVE-2022-4922, CVE-2023-2937, CVE-2019-13720, CVE-2022-4918, CVE-2023-3216, CVE-2023-3727, CVE-2023-4071, CVE-2023-4068, CVE-2023-4075, CVE-2023-4761, CVE-2023-3079, CVE-2023-4356, CVE-2023-4427, CVE-2023-4358, CVE-2023-3598, CVE-2023-4069, CVE-2022-4920, CVE-2022-4909, CVE-2023-4763, CVE-2021-4322, CVE-2023-4349, CVE-2023-4074, CVE-2023-4070, CVE-2023-2932, CVE-2023-4355, CVE-2023-2935, CVE-2021-30632, CVE-2022-4452, CVE-2023-2724, CVE-2021-4324, CVE-2023-2136, CVE-2022-4135

Update your iPhone: Apple just pushed out a significant security update - ABC News Trust: 3.0 Fetched: Sept. 12, 2023, 9:19 a.m., Published: Sept. 12, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

New Vulnerabilities Monday 11 September - CND News and Blog Trust: 4.0 Fetched: Sept. 12, 2023, 9:17 a.m., Published: Sept. 11, 2023, midnight	Vulnerabilities: denial of service

Affected products	External IDs

Cyber Threat Intelligence Coursera Quiz Answers - Networking Funda Trust: 3.25 Fetched: Sept. 12, 2023, 9:11 a.m., Published: Nov. 13, 2021, 8:20 p.m.	Vulnerabilities: sql injection, buffer overflow, cross-site scripting...

Affected products

External IDs

vendor:	trend	model:	antivirus
vendor:	trend	model:	security
vendor:	trend	model:	data loss prevention
vendor:	trend	model:	internet security

iOS 16.6.1 - update your iPhone now to prevent Pegasus from spying on you \| Tom's Guide Trust: 3.75 Fetched: Sept. 12, 2023, 9:10 a.m., Published: Sept. 10, 2023, 6:45 p.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	trend	model:	antivirus
vendor:	trend	model:	security
vendor:	trend	model:	internet security
vendor:	apple	model:	ipad
vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	apple	model:	macos
vendor:	apple	model:	ipad air

VARIoT news about IoT security