Sign-up

VARIoT news about IoT security

Update now! Apple patches vulnerabilities in MacOS and iOS

Related entries in the VARIoT vulnerabilities database: VAR-202302-1169, VAR-202302-1097, VAR-202302-1170

Trust: 5.5

Fetched: Feb. 21, 2023, 9:13 a.m., Published: Feb. 15, 2023, 11:48 a.m.
 Vulnerabilities: use after free
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: ipad air
db: NVD ids: CVE-2023-23514, CVE-2023-23529, CVE-2023-23522

Arris router vulnerability could lead to complete takeover|黑客技术网

Trust: 4.5

Fetched: Feb. 19, 2023, 9:29 a.m., Published: -
 Vulnerabilities: default credentials, command injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-45701

SAP's February 2023 Security Updates Patch High-Severity Vulnerabilities - SecurityWeek

Trust: 4.0

Fetched: Feb. 19, 2023, 9:29 a.m., Published: Feb. 15, 2023, 11:11 a.m.
 Vulnerabilities: privilege escalation, file upload bug, code injection...
Affected productsExternal IDs
db: NVD ids: CVE-2023-0020, CVE-2023-24523, CVE-2023-24530

PSA: Make Sure to Update Soon, macOS Ventura 13.2.1 and iOS 16.3.1 Address Actively Exploited Vulnerability | Page 5 | MacRumors Forums

Trust: 4.0

Fetched: Feb. 19, 2023, 9:28 a.m., Published: Feb. 13, 2001, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: webkit
vendor: apple model: icloud

iOS 16.3.1 fixes major vulnerabilities but may cause a problem for this popular app

Trust: 3.75

Fetched: Feb. 19, 2023, 9:28 a.m., Published: March 16, 2001, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
vendor: apple model: iphone
vendor: apple model: icloud

New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices

Trust: 5.75

Fetched: Feb. 19, 2023, 9:28 a.m., Published: Feb. 17, 2023, 9:25 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: draytek model: routers
vendor: draytek model: vigor
vendor: palo model: networks
db: NVD ids: CVE-2012-4869

KB5008380-Authentication updates (CVE-2021-42287) - Microsoft Support

Trust: 3.0

Fetched: Feb. 19, 2023, 9:27 a.m., Published: Nov. 9, 2021, midnight
 Vulnerabilities: security bypass
Affected productsExternal IDs
db: NVD ids: CVE-2021-42287

Arris Router Vulnerability Leaves EOL Devices Exposed

Trust: 4.75

Fetched: Feb. 19, 2023, 9:26 a.m., Published: Feb. 17, 2023, 11:28 a.m.
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-45701

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software - Domedigita

Related entries in the VARIoT vulnerabilities database: VAR-202302-1598, VAR-202302-1614, VAR-202302-1452

Trust: 5.5

Fetched: Feb. 19, 2023, 9:26 a.m., Published: Feb. 17, 2023, 9:14 a.m.
 Vulnerabilities: code execution, privilege escalation, information leak...
Affected productsExternal IDs
vendor: clamav model: clamav
vendor: google model: nexus
vendor: cisco model: management appliance
vendor: cisco model: web security appliance
vendor: cisco model: nexus
vendor: cisco model: advanced malware protection
vendor: cisco model: clamav
vendor: cisco model: email security appliance
db: NVD ids: CVE-2023-20009, CVE-2023-20075, CVE-2023-20032, CVE-2023-20014, CVE-2023-20052

4 ways to address cyber vulnerabilities in your business

Trust: 3.0

Fetched: Feb. 19, 2023, 9:25 a.m., Published: Feb. 4, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Mirai botnet variant targets IoT and Linux devices

Trust: 3.5

Fetched: Feb. 19, 2023, 9:25 a.m., Published: Feb. 17, 2023, 12:33 p.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks

Update Your iPad Now to Avoid Security Issue - MacRumors

Trust: 3.75

Fetched: Feb. 19, 2023, 9:24 a.m., Published: Feb. 13, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: pixel
vendor: google model: android
vendor: apple model: ipad
vendor: apple model: watch
vendor: apple model: webkit
vendor: apple model: icloud
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: tvos
vendor: apple model: watchos

QNAP fixes critical bug letting hackers inject malicious code

Trust: 4.25

Fetched: Feb. 19, 2023, 9:24 a.m., Published: -
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2022-27596

Security Advisory: Update Apple Devices to Address a New Zero-Day Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202302-1097

Trust: 3.75

Fetched: Feb. 19, 2023, 9:24 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sophos model: anti-virus
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: tvos
vendor: apple model: ipad
vendor: apple model: watchos
db: NVD ids: CVE-2023-23529

[no-title]

Trust: 3.5

Fetched: Feb. 19, 2023, 9:23 a.m., Published: Aug. 17, 2021, 1:27 p.m.
 Vulnerabilities: device impersonation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-28372

A new Mirai variant is attacking Linux devices to build a beastly DDoS botnet | TechRadar

Trust: 4.75

Fetched: Feb. 19, 2023, 9:23 a.m., Published: Feb. 17, 2023, 2:21 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: networks

CISA Warns About Four New Vulnerabilities Exploited as Zero-Days

Related entries in the VARIoT vulnerabilities database: VAR-202302-1097

Trust: 4.75

Fetched: Feb. 19, 2023, 9:23 a.m., Published: Feb. 17, 2023, 10:49 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: webkit
db: NVD ids: CVE-2023-23529, CVE-2023-21715, CVE-2023-23376, CVE-2023-21823

New Mirai botnet variant V3G4 targets Linux servers, IoT devices | CSO Online

Related entries in the VARIoT vulnerabilities database: VAR-202206-0004, VAR-202002-1447, VAR-202006-1056

Trust: 5.0

Fetched: Feb. 19, 2023, 9:22 a.m., Published: Feb. 17, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: draytek model: vigor
db: NVD ids: CVE-2012-4869, CVE-2022-26134, CVE-2022-4257, CVE-2019-15107, CVE-2020-8515, CVE-2020-15415

Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw

Related entries in the VARIoT vulnerabilities database: VAR-202302-1169, VAR-202212-1751, VAR-202302-1097

Trust: 5.75

Fetched: Feb. 19, 2023, 9:22 a.m., Published: Feb. 14, 2023, 4:44 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad air
db: NVD ids: CVE-2023-23514, CVE-2022-42856, CVE-2023-23529

Vulnerability scanner for Windows | Intruder

Trust: 4.25

Fetched: Feb. 19, 2023, 9:21 a.m., Published: May 19, 2023, midnight
 Vulnerabilities: request forgery, code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: antivirus
db: NVD ids: CVE-2022-41040, CVE-2021-36934, CVE-2022-41082