Sign-up

VARIoT news about IoT security

Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center: Software Vulnerability Information: Software: Hitachi

Trust: 3.75

Fetched: Feb. 10, 2023, 11:14 a.m., Published: Oct. 6, 2001, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hitachi model: tuning manager
vendor: hitachi model: ops center common services
vendor: hitachi model: device manager
vendor: hitachi model: ops center analyzer viewpoint
vendor: hitachi model: hitachi ops center common services
vendor: hitachi model: hitachi ops center analyzer viewpoint
vendor: hitachi model: hitachi tuning manager
vendor: hitachi model: hitachi global link manager
vendor: hitachi model: hitachi tiered storage manager
vendor: hitachi model: global link manager
vendor: hitachi model: hitachi infrastructure analytics advisor
vendor: hitachi model: hitachi compute systems manager
vendor: hitachi model: compute systems manager
vendor: hitachi model: hitachi device manager
vendor: hitachi model: hitachi replication manager
vendor: hitachi model: replication manager
vendor: hitachi model: tiered storage manager
db: NVD ids: CVE-2023-21830, CVE-2023-21843, CVE-2023-21835

Cisco Email Security Appliance URL Filtering Bypass Vulnerability

Trust: 3.0

Fetched: Feb. 10, 2023, 11:14 a.m., Published: Jan. 18, 2023, 3:55 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: email security appliance
vendor: cisco model: cisco email security appliance

Apple Patches Exploited iOS Vulnerability in Old iPhones - SecurityWeek

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 5.75

Fetched: Feb. 10, 2023, 11:14 a.m., Published: Jan. 24, 2023, 3:59 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: tvos
vendor: apple model: macos
vendor: apple model: webkit
db: NVD ids: CVE-2022-42856

QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates - AI Home Security

Trust: 4.75

Fetched: Feb. 10, 2023, 9:11 a.m., Published: Jan. 31, 2023, 7:08 a.m.
 Vulnerabilities: injection attack, code injection, sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2022-27596

Critical infrastructure at risk from new vulnerabilities found in IIoT wireless devices -

Related entries in the VARIoT vulnerabilities database: VAR-202301-0630, VAR-202301-0629

Trust: 5.75

Fetched: Feb. 10, 2023, 9:10 a.m., Published: Feb. 9, 2023, 2:09 p.m.
 Vulnerabilities: command injection, privilege escalation, code execution...
Affected productsExternal IDs
vendor: siemens model: automation license manager
db: NVD ids: CVE-2022-46650, CVE-2022-46649, CVE-2022-40981, CVE-2022-41607, CVE-2022-43513, CVE-2022-43514, CVE-2022-3703

Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices - Domedigita

Related entries in the VARIoT vulnerabilities database: VAR-202301-0630, VAR-202301-0629

Trust: 4.75

Fetched: Feb. 10, 2023, 9:10 a.m., Published: Feb. 9, 2023, 4:14 p.m.
 Vulnerabilities: command injection, privilege escalation, code execution...
Affected productsExternal IDs
vendor: siemens model: automation license manager
db: NVD ids: CVE-2022-46650, CVE-2022-46649, CVE-2022-40981, CVE-2022-41607, CVE-2022-43513, CVE-2022-43514, CVE-2022-3703

QNAP fixes critical bug letting hackers inject malicious code - Cyber Reports Cybersecurity News & Information

Trust: 4.25

Fetched: Feb. 10, 2023, 9:09 a.m., Published: Jan. 31, 2023, 12:04 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2022-27596

Evaluate and Secure Your Network with Vulnerability Scans

Trust: 3.0

Fetched: Feb. 10, 2023, 9:09 a.m., Published: Feb. 10, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

QNAP NAS Devices at Risk of Remote Malicious Code Injection | Black Hat Ethical Hacking

Trust: 3.25

Fetched: Feb. 10, 2023, 9:04 a.m., Published: Jan. 31, 2023, 8:29 a.m.
 Vulnerabilities: code injection
Affected productsExternal IDs

Critical Code Injection Flaw on QNAP NAS Devices | SecureTeam

Trust: 5.0

Fetched: Feb. 10, 2023, 9:03 a.m., Published: Feb. 1, 2023, 1:25 p.m.
 Vulnerabilities: injection attack, code injection, sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2022-27596

Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices

Related entries in the VARIoT vulnerabilities database: VAR-202301-0630, VAR-202301-0629

Trust: 4.75

Fetched: Feb. 10, 2023, 9:03 a.m., Published: Feb. 9, 2023, 2:09 p.m.
 Vulnerabilities: command injection, privilege escalation, code execution...
Affected productsExternal IDs
vendor: siemens model: automation license manager
db: NVD ids: CVE-2022-46650, CVE-2022-46649, CVE-2022-40981, CVE-2022-41607, CVE-2022-43513, CVE-2022-43514, CVE-2022-3703

QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates - iHash

Trust: 4.75

Fetched: Feb. 8, 2023, 9:27 a.m., Published: Jan. 31, 2023, 4:06 a.m.
 Vulnerabilities: code injection, injection attack, sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2022-27596

ImageMagick vulnerabilities can cause DoS, information leak - epicapplications

Trust: 4.75

Fetched: Feb. 8, 2023, 9:27 a.m., Published: Feb. 8, 2023, 8:01 a.m.
 Vulnerabilities: information leak, information leakage, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2022-44267, CVE-2022-44268

A Not-yet-detailed Vulnerability is Directly Affecting Automotive Products - Cybellum

Trust: 3.0

Fetched: Feb. 8, 2023, 9:21 a.m., Published: Feb. 7, 2023, 1:01 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2022-33216

February 2023 update fixes four Pixel bugs, over 40 vulnerabilities

Trust: 3.75

Fetched: Feb. 8, 2023, 9:21 a.m., Published: Feb. 8, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: samsung model: notes

Update Android devices to avoid privilege escalation, urges tech group | SC Media

Trust: 5.0

Fetched: Feb. 8, 2023, 9:20 a.m., Published: Feb. 7, 2023, 11:18 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: android

Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping

Related entries in the VARIoT vulnerabilities database: VAR-202301-2250

Trust: 5.0

Fetched: Feb. 8, 2023, 9:20 a.m., Published: Feb. 3, 2023, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2023-24508

Google Announces Vulnerability Scanner for Open Source Developers - SecurityWeek

Trust: 3.0

Fetched: Feb. 8, 2023, 9:20 a.m., Published: Dec. 14, 2022, 4:19 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Finding Cisco 7800 and 8800 series IP phone assets on your network

Related entries in the VARIoT vulnerabilities database: VAR-202212-0864

Trust: 5.75

Fetched: Feb. 8, 2023, 9:19 a.m., Published: Feb. 8, 7800, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: ip phones
vendor: cisco model: ip phone 8821
vendor: cisco model: ip phone 7800
vendor: cisco model: voice vlan
vendor: cisco model: series
vendor: cisco model: wireless ip phone 8821
vendor: cisco model: ip phone
vendor: cisco model: series ip phones
db: NVD ids: CVE-2022-20968

Security Advisory: Remote Command Execution in binwalk - ONEKEY

Trust: 4.5

Fetched: Feb. 8, 2023, 9:19 a.m., Published: Jan. 31, 2023, 1:54 p.m.
 Vulnerabilities: code execution, directory traversal, path traversal...
Affected productsExternal IDs
db: NVD ids: CVE-2022-4510