VARIoT latest news about IoT security

IoT Vulnerabilities A Growing Concern for Smart Light Bulbs Trust: 4.25 Fetched: Nov. 24, 2023, 9:20 a.m., Published: Nov. 18, 2023, midnight	Vulnerabilities: default credentials

Affected products

External IDs

vendor:	google	model:	wi-fi router
vendor:	google	model:	home

Cyber Security Asean Trust: 3.75 Fetched: Nov. 24, 2023, 9:17 a.m., Published: Nov. 24, 2024, midnight	Vulnerabilities: command injection

Affected products

External IDs

vendor:

check point

model:

check point

Frequently Asked Questions for CitrixBleed (CVE-2023-4966) - Blog \| Tenable® Trust: 4.5 Fetched: Nov. 24, 2023, 9:14 a.m., Published: Nov. 20, 2023, 6:09 p.m.	Vulnerabilities: information disclosure, denial of service

Affected products

External IDs

vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	netscaler

db:

NVD

ids:

CVE-2023-4966, CVE-2023-49666, CVE-2023-4967

EZVIZ - Creating Easy Smart Homes Trust: 4.75 Fetched: Nov. 24, 2023, 9:14 a.m., Published: Nov. 10, 2023, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2023-48121

11 Best Web Security Scanners - 2024 Trust: 3.5 Fetched: Nov. 24, 2023, 9:12 a.m., Published: Nov. 16, 2023, 4:01 a.m.	Vulnerabilities: cross-site scripting, command injection, sql injection...

Affected products	External IDs

5 Biggest IoT Security Issues of 2020 \| Analytics Steps Trust: 3.75 Fetched: Nov. 24, 2023, 9:12 a.m., Published: Nov. 5, 2023, midnight	Vulnerabilities: information leak

Affected products	External IDs

7 Apple Security Breaches, Hacks, and Flaws You Didn't Know About Related entries in the VARIoT vulnerabilities database: VAR-202302-2044, VAR-202208-1294, VAR-202302-2240, VAR-202302-2045 Trust: 5.25 Fetched: Nov. 24, 2023, 9:07 a.m., Published: Nov. 23, 2023, 2 p.m.	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	apple	model:	watch
vendor:	apple	model:	macos
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad
vendor:	apple	model:	webkit

db:

NVD

ids:

CVE-2023-41061, CVE-2023-23520, CVE-2022-32894, CVE-2023-23531, CVE-2023-23530, CVE-2023-41064

hackebds · PyPI Related entries in the VARIoT vulnerabilities database: VAR-201912-1012 Trust: 3.0 Fetched: Nov. 24, 2023, 9:05 a.m., Published: May 24, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2019-17621

Microsoft’s Windows Hello fingerprint authentication has been bypassed - The Verge Trust: 3.75 Fetched: Nov. 24, 2023, 9:04 a.m., Published: Nov. 22, 2023, 12:03 p.m.	Vulnerabilities: authentication bypass, memory corruption

Affected products

External IDs

vendor:

lenovo

model:

thinkpad

Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet \| Ars Technica Trust: 3.5 Fetched: Nov. 24, 2023, 9:04 a.m., Published: Nov. 22, 2023, 7:35 p.m.	Vulnerabilities: command injection, code execution

Affected products

External IDs

vendor:

snort

model:

snort

Get vulnerability by ID \| Microsoft Learn Trust: 3.0 Fetched: Nov. 22, 2023, 9:56 a.m., Published: Dec. 18, 2020, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2019-0608

CVE-2023-46604 (Apache ActiveMQ) Vulnerability Exploited to Infect Systems With Cryptominers and Rootkits Trust: 4.75 Fetched: Nov. 22, 2023, 9:56 a.m., Published: Nov. 20, 2023, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-4911, CVE-2023-46604

Fuji Electric Tellus Lite V-Simulator \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202311-1678, VAR-202311-1677, VAR-202311-1679 Trust: 5.5 Fetched: Nov. 22, 2023, 9:51 a.m., Published: Nov. 1, 2023, midnight	Vulnerabilities: code execution, buffer overflow, improper access control

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend micro	model:	security
vendor:	fuji	model:	v-simulator
vendor:	fuji	model:	tellus lite v-simulator
vendor:	fuji electric	model:	v-simulator
vendor:	fuji electric	model:	tellus lite v-simulator

db:

NVD

ids:

CVE-2023-35127, CVE-2023-5299, CVE-2023-40152

Mitsubishi Electric CNC Series (Update C) - vulnerability database \| Vulners.com Trust: 4.5 Fetched: Nov. 22, 2023, 9:50 a.m., Published: Nov. 21, 2023, noon	Vulnerabilities: buffer overflow, denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2023-33460, CVE-2022-2479, CVE-2022-24795, CVE-2023-3346, CVE-2017-16516

Configuring a malware scan on Android devices Trust: 3.0 Fetched: Nov. 22, 2023, 9:43 a.m., Published: April 22, 2019, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Smart TVs, Refrigerators Used in Internet-of-Things Cyberattack Trust: 3.5 Fetched: Nov. 22, 2023, 9:41 a.m., Published: Sept. 17, 2023, 2:59 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	trend	model:	security
vendor:	google	model:	home

8 Key IoT Security Challenges and Proven Solutions from the Field Trust: 5.25 Fetched: Nov. 22, 2023, 9:38 a.m., Published: Nov. 3, 2023, midnight	Vulnerabilities: denial of service, default credentials

Affected products

External IDs

vendor:	google	model:	home
vendor:	essential	model:	phone

Protecting Kaspersky Endpoint Security for Android against removal Trust: 3.25 Fetched: Nov. 22, 2023, 9:35 a.m., Published: April 22, 2019, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

mobile

Controlling user access to the features of iOS devices Trust: 3.25 Fetched: Nov. 22, 2023, 9:31 a.m., Published: April 22, 2019, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

icloud

Vulnerability Summary for the Week of October 9, 2023 \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202310-1918, VAR-202310-1699, VAR-202310-2320, VAR-202310-2590, VAR-202310-2079, VAR-202310-0438, VAR-202310-2290, VAR-202310-2564, VAR-202310-2081, VAR-202310-2114, VAR-202310-0178, VAR-202310-2393, VAR-202310-2391, VAR-202310-0764 Trust: 4.25 Fetched: Nov. 22, 2023, 9:19 a.m., Published: Oct. 9, 2023, midnight	Vulnerabilities: information exposure, denial of service, privilege escalation...

Affected products

External IDs

vendor:	nodejs	model:	node.js
vendor:	broadcom	model:	linux
vendor:	zebra technologies	model:	zt410
vendor:	zebra technologies	model:	ztc zt410-203dpi zpl
vendor:	rockwell	model:	automation panelview
vendor:	rockwell	model:	factorytalk
vendor:	rockwell	model:	factorytalk linx
vendor:	rockwell	model:	automation panelview plus
vendor:	rockwell	model:	factorytalk_linx
vendor:	google	model:	android
vendor:	google	model:	wifi
vendor:	node.js	model:	node.js
vendor:	huawei	model:	huawei
vendor:	huawei	model:	nice
vendor:	zebra	model:	zt410
vendor:	zebra	model:	ztc zt410-203dpi zpl
vendor:	xiaomi	model:	browser
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler adc
vendor:	citrix	model:	netscaler
vendor:	d-link	model:	router
vendor:	rockwell_automation	model:	automation panelview
vendor:	rockwell_automation	model:	factorytalk
vendor:	rockwell_automation	model:	factorytalk linx
vendor:	rockwell_automation	model:	automation panelview plus
vendor:	rockwell_automation	model:	factorytalk_linx
vendor:	zabbix	model:	zabbix
vendor:	igor	model:	nginx
vendor:	rockwell automation	model:	automation panelview
vendor:	rockwell automation	model:	factorytalk
vendor:	rockwell automation	model:	factorytalk linx
vendor:	rockwell automation	model:	automation panelview plus
vendor:	rockwell automation	model:	factorytalk_linx
vendor:	netapp	model:	snapcenter server
vendor:	netapp	model:	snapcenter

db:

NVD

ids:

CVE-2023-44392, CVE-2023-5579, CVE-2023-26319, CVE-2023-5449, CVE-2023-35660, CVE-2023-44103, CVE-2023-42663, CVE-2022-43740, CVE-2023-40833, CVE-2023-36841, CVE-2023-44178, CVE-2023-32976, CVE-2023-29464, CVE-2023-32974, CVE-2023-36478, CVE-2023-40682, CVE-2023-5557, CVE-2023-26220, CVE-2023-27516, CVE-2023-44186, CVE-2023-41261, CVE-2023-43896, CVE-2023-33303, CVE-2023-44100, CVE-2023-1943, CVE-2023-37538, CVE-2023-45267, CVE-2023-43661, CVE-2023-23632, CVE-2023-4966, CVE-2023-44188, CVE-2023-45176, CVE-2023-31096, CVE-2023-27315, CVE-2023-30801, CVE-2023-32634, CVE-2023-4257, CVE-2023-34356, CVE-2023-45106, CVE-2023-5582, CVE-2023-27313, CVE-2023-5535, CVE-2023-45648, CVE-2023-45011, CVE-2023-44111, CVE-2023-45396, CVE-2023-27395, CVE-2023-45108, CVE-2023-44399, CVE-2023-42752, CVE-2023-45467, CVE-2023-44094, CVE-2020-27213, CVE-2023-41263, CVE-2023-45391, CVE-2023-45863, CVE-2023-43148, CVE-2023-5459, CVE-2023-45862, CVE-2023-39999, CVE-2022-32755, CVE-2023-45068, CVE-2023-26320, CVE-2022-43868, CVE-2023-44177, CVE-2022-44758, CVE-2023-44203, CVE-2023-41262, CVE-2023-45109, CVE-2023-44198, CVE-2023-22325, CVE-2023-45142, CVE-2023-45052, CVE-2023-44184, CVE-2023-4517, CVE-2023-23737, CVE-2023-28381, CVE-2023-44175, CVE-2023-45466, CVE-2023-44193, CVE-2023-5580, CVE-2023-32275, CVE-2023-45132, CVE-2023-32723, CVE-2023-45393, CVE-2023-41843, CVE-2023-5554, CVE-2023-45129, CVE-2023-4936, CVE-2023-44191, CVE-2023-27380, CVE-2023-44997, CVE-2023-45162, CVE-2023-45194, CVE-2023-5497, CVE-2023-29453, CVE-2023-40367, CVE-2023-32970, CVE-2023-5499, CVE-2023-31192, CVE-2023-44961, CVE-2023-42189, CVE-2023-45855, CVE-2023-36839, CVE-2023-45048, CVE-2023-45103, CVE-2023-44201, CVE-2023-22392, CVE-2023-3781, CVE-2023-30154, CVE-2023-35024, CVE-2023-45270, CVE-2023-27316, CVE-2023-5240, CVE-2023-44689, CVE-2023-44197, CVE-2023-5573, CVE-2023-39960, CVE-2023-45130, CVE-2023-5562, CVE-2023-4263, CVE-2023-42795, CVE-2023-45511, CVE-2023-38000, CVE-2023-5564, CVE-2023-44998, CVE-2023-44962, CVE-2023-45269, CVE-2023-34975, CVE-2022-33161, CVE-2023-5563, CVE-2023-45468, CVE-2023-36843, CVE-2023-22308, CVE-2023-45312, CVE-2023-35193, CVE-2023-45853, CVE-2023-43079, CVE-2023-41680, CVE-2023-44109, CVE-2023-45133, CVE-2023-44204, CVE-2023-44095, CVE-2023-5572, CVE-2023-45674, CVE-2023-28635, CVE-2023-40829, CVE-2023-45208, CVE-2023-41681, CVE-2023-44196, CVE-2023-44199, CVE-2023-5578, CVE-2023-32721, CVE-2023-41304, CVE-2023-44101, CVE-2023-5581, CVE-2022-42451, CVE-2023-44185, CVE-2023-44981, CVE-2023-45268, CVE-2023-5409, CVE-2023-44190, CVE-2023-27312, CVE-2023-44192, CVE-2023-34354, CVE-2023-32124, CVE-2023-45510, CVE-2023-37536, CVE-2023-30148, CVE-2023-44096, CVE-2023-45465, CVE-2022-33165, CVE-2023-45107, CVE-2023-45348, CVE-2023-39325, CVE-2023-43149, CVE-2023-41881, CVE-2023-23581, CVE-2023-44093, CVE-2023-41882, CVE-2023-40142, CVE-2023-42792, CVE-2023-44182, CVE-2023-5463, CVE-2023-45102, CVE-2023-4829, CVE-2023-45143, CVE-2023-25774, CVE-2023-44102, CVE-2023-42298, CVE-2023-4957, CVE-2023-45852, CVE-2023-38817, CVE-2023-44181, CVE-2023-4990, CVE-2023-43789, CVE-2023-40141, CVE-2023-4499, CVE-2023-26318, CVE-2023-32724, CVE-2023-4562, CVE-2023-41682, CVE-2023-4309, CVE-2023-44097, CVE-2023-44194, CVE-2023-5462, CVE-2023-5571, CVE-2023-5556, CVE-2023-44176, CVE-2023-5495, CVE-2023-5555, CVE-2022-44757, CVE-2023-45276, CVE-2023-41131, CVE-2023-44195, CVE-2023-35662, CVE-2023-30994, CVE-2023-35194, CVE-2023-42780, CVE-2023-32722, CVE-2023-43271, CVE-2023-5072, CVE-2023-42138, CVE-2023-27314, CVE-2023-44104, CVE-2023-42477, CVE-2023-34976, CVE-2023-45060, CVE-2023-45058, CVE-2023-35661, CVE-2023-44183, CVE-2023-44189, CVE-2023-43641, CVE-2023-42794, CVE-2023-5496, CVE-2023-45138, CVE-2023-35649, CVE-2023-43147, CVE-2023-44187, CVE-2023-45856, CVE-2023-45063, CVE-2023-44037, CVE-2023-41836, CVE-2023-45464, CVE-2023-32973, CVE-2023-26155, CVE-2023-45463

VARIoT news about IoT security