VARIoT latest news about IoT security

Threat And Vulnerability Management - Kick Cyber Security Into Gear Trust: 3.0 Fetched: Nov. 4, 2022, 5:42 p.m., Published: Oct. 24, 2022, 1:32 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2022-22954

OpenSSL (Spooky SSL) vulnerabilities - how to mitigate risk - Forescout Trust: 4.5 Fetched: Nov. 4, 2022, 5:41 p.m., Published: Nov. 2, 2022, 10:59 p.m.	Vulnerabilities: code execution, buffer overflow, buffer overrun...

Affected products

External IDs

vendor:

snort

model:

snort

db:

NVD

ids:

CVE-2022-3602, CVE-2022-3786

Cisco : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202207-1583, VAR-202207-1582, VAR-202202-0288, VAR-202207-1530, VAR-202207-1563, VAR-202207-1538, VAR-202207-1534, VAR-202207-1637, VAR-202207-1643, VAR-202207-1616, VAR-202207-1532, VAR-202209-1915, VAR-202207-0228, VAR-202208-1879, VAR-202207-1539, VAR-202210-1812, VAR-202207-1573, VAR-202209-2004, VAR-202207-1644, VAR-202207-1607, VAR-202207-0225, VAR-202210-1411, VAR-202207-1572, VAR-202208-0217, VAR-202208-0326, VAR-202207-1533, VAR-202207-1638, VAR-202207-1535, VAR-202207-1513, VAR-202202-0286, VAR-202203-1506, VAR-202207-1531, VAR-202207-1553, VAR-202209-1949, VAR-202208-0238, VAR-202209-1881, VAR-202209-1929, VAR-202207-1587, VAR-202209-2087, VAR-202207-1514, VAR-202207-1547, VAR-202210-1702, VAR-202207-1564, VAR-202210-1371, VAR-202207-1536, VAR-202207-1617, VAR-202207-1708, VAR-202210-1641, VAR-202209-0491, VAR-202207-1597 Trust: 5.25 Fetched: Nov. 4, 2022, 5:40 p.m., Published: Nov. 4, 2050, midnight	Vulnerabilities: improper validation, denial of service, directory traversal...

Affected products

External IDs

vendor:	cisco	model:	cisco unity connection
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	webex meetings
vendor:	cisco	model:	small business
vendor:	cisco	model:	nexus
vendor:	cisco	model:	cisco roomos
vendor:	cisco	model:	cisco sd-wan
vendor:	cisco	model:	cisco telepresence
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	unity connection
vendor:	cisco	model:	ios software
vendor:	cisco	model:	cisco unified communications manager
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	webex teams
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	rv110w
vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	routers
vendor:	cisco	model:	telepresence collaboration endpoint
vendor:	cisco	model:	webex
vendor:	cisco	model:	unified communications
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	rv130
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	rv130w
vendor:	cisco	model:	cisco webex
vendor:	cisco	model:	application policy infrastructure controller
vendor:	cisco	model:	ios xe sd-wan software
vendor:	cisco	model:	data center network manager
vendor:	cisco	model:	roomos
vendor:	cisco	model:	rv215w
vendor:	cisco	model:	unity
vendor:	cisco	model:	cisco unity
vendor:	cisco	model:	cisco application policy infrastructure controller
vendor:	cisco	model:	cisco webex meetings

db:

NVD

ids:

CVE-2022-20880, CVE-2022-20881, CVE-2022-22807, CVE-2022-20908, CVE-2022-20889, CVE-2022-20886, CVE-2022-20907, CVE-2022-20910, CVE-2022-20885, CVE-2022-20884, CVE-2022-20857, CVE-2022-20915, CVE-2022-20862, CVE-2022-20921, CVE-2022-20888, CVE-2022-20955, CVE-2022-20877, CVE-2022-20920, CVE-2022-20883, CVE-2022-20882, CVE-2022-20859, CVE-2022-20953, CVE-2022-20890, CVE-2022-20914, CVE-2022-20869, CVE-2022-20909, CVE-2022-20874, CVE-2022-20861, CVE-2022-20873, CVE-2022-22809, CVE-2022-22965, CVE-2022-20906, CVE-2022-20860, CVE-2022-20850, CVE-2022-20852, CVE-2022-20830, CVE-2022-20844, CVE-2022-20875, CVE-2022-20930, CVE-2022-20913, CVE-2022-20887, CVE-2022-20954, CVE-2022-20876, CVE-2022-20822, CVE-2022-20858, CVE-2022-20878, CVE-2022-20916, CVE-2022-20959, CVE-2022-20863, CVE-2022-20879

Detected vulnerabilities in the web interface of devices with JunOS \| From Linux Related entries in the VARIoT vulnerabilities database: VAR-202210-0898, VAR-202210-0918, VAR-202210-0849, VAR-202210-0815, VAR-202210-1013 Trust: 3.75 Fetched: Nov. 4, 2022, 5:39 p.m., Published: Oct. 29, 2022, 7:39 p.m.	Vulnerabilities: code execution, cross-site scripting, file upload vulnerability...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-22246, CVE-2022-22242, CVE-2022-22245, CVE-2022-22243, CVE-2022-22241

Are Your Mobile and IoT Devices Weakening Your Security? \| Marcum LLP \| Accountants and Advisors Trust: 4.75 Fetched: Nov. 4, 2022, 5:39 p.m., Published: Oct. 25, 2022, 4:30 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

trend

model:

security

Fortinet says critical auth bypass bug is exploited in attacks Related entries in the VARIoT vulnerabilities database: VAR-202210-0198 Trust: 4.75 Fetched: Nov. 4, 2022, 5:37 p.m., Published: -	Vulnerabilities: authentication bypass

Affected products

External IDs

vendor:

fortigate

model:

fortios

db:

NVD

ids:

CVE-2022-40684

New OpenSSL critical vulnerability: What you need to know \| Snyk Trust: 4.0 Fetched: Nov. 4, 2022, 5:37 p.m., Published: Oct. 31, 2022, 12:19 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

node.js

model:

node.js

Bugs In Safari, IOS 16.1 Could Let Hackers Steal Users’ Sensitive Data: Cert-In - WorldNewsEra Trust: 4.5 Fetched: Nov. 4, 2022, 5:36 p.m., Published: Oct. 26, 2022, 9:39 p.m.	Vulnerabilities: improper memory handling, improper validation, use after free...

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	ipad
vendor:	apple	model:	webkit
vendor:	apple	model:	ipad air
vendor:	apple	model:	macos

Cisco : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202202-0288, VAR-202207-1708, VAR-202207-1597, VAR-202207-1564, VAR-202207-1643, VAR-202207-1514, VAR-202208-0326, VAR-202209-0491, VAR-202207-1607, VAR-202207-1572, VAR-202207-1587, VAR-202210-1371, VAR-202207-1531, VAR-202209-1915, VAR-202207-1583, VAR-202207-1532, VAR-202207-1535, VAR-202207-1533, VAR-202207-1617, VAR-202202-0286, VAR-202207-1547, VAR-202207-1563, VAR-202207-1530, VAR-202207-1538, VAR-202207-1536, VAR-202207-1616, VAR-202207-1553, VAR-202208-0238, VAR-202207-1637, VAR-202209-2004, VAR-202207-1573, VAR-202210-1812, VAR-202207-1638, VAR-202208-0217, VAR-202207-1582, VAR-202210-1411, VAR-202209-1881, VAR-202210-1702, VAR-202209-2087, VAR-202210-1641, VAR-202209-1949, VAR-202207-0228, VAR-202207-1534, VAR-202207-1513, VAR-202207-1539, VAR-202207-0225, VAR-202207-1644, VAR-202209-1929, VAR-202208-1879, VAR-202203-1506 Trust: 5.25 Fetched: Nov. 4, 2022, 2:03 p.m., Published: Nov. 4, 2050, midnight	Vulnerabilities: request forgery, cross-site request forgery, improper validation...

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	cisco unity connection
vendor:	cisco	model:	nexus
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	rv130
vendor:	cisco	model:	cisco unified communications manager
vendor:	cisco	model:	webex meetings
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	data center network manager
vendor:	cisco	model:	application policy infrastructure controller
vendor:	cisco	model:	ios software
vendor:	cisco	model:	unity
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	unity connection
vendor:	cisco	model:	webex teams
vendor:	cisco	model:	ios xe sd-wan software
vendor:	cisco	model:	cisco webex meetings
vendor:	cisco	model:	cisco sd-wan
vendor:	cisco	model:	cisco webex
vendor:	cisco	model:	rv110w
vendor:	cisco	model:	routers
vendor:	cisco	model:	webex
vendor:	cisco	model:	roomos
vendor:	cisco	model:	rv215w
vendor:	cisco	model:	cisco application policy infrastructure controller
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	telepresence collaboration endpoint
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco telepresence
vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	rv130w
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	small business
vendor:	cisco	model:	unified communications
vendor:	cisco	model:	cisco roomos
vendor:	cisco	model:	cisco unity

db:

NVD

ids:

CVE-2022-22807, CVE-2022-20916, CVE-2022-20879, CVE-2022-20876, CVE-2022-20885, CVE-2022-20913, CVE-2022-20869, CVE-2022-20863, CVE-2022-20882, CVE-2022-20890, CVE-2022-20875, CVE-2022-20822, CVE-2022-20906, CVE-2022-20915, CVE-2022-20880, CVE-2022-20857, CVE-2022-20861, CVE-2022-20909, CVE-2022-20878, CVE-2022-22809, CVE-2022-20887, CVE-2022-20889, CVE-2022-20908, CVE-2022-20886, CVE-2022-20858, CVE-2022-20884, CVE-2022-20860, CVE-2022-20852, CVE-2022-20910, CVE-2022-20920, CVE-2022-20877, CVE-2022-20955, CVE-2022-20874, CVE-2022-20914, CVE-2022-20881, CVE-2022-20953, CVE-2022-20830, CVE-2022-20954, CVE-2022-20930, CVE-2022-20959, CVE-2022-20850, CVE-2022-20862, CVE-2022-20907, CVE-2022-20873, CVE-2022-20888, CVE-2022-20859, CVE-2022-20883, CVE-2022-20844, CVE-2022-20921, CVE-2022-22965

Rockwell Automation Stratix Devices Containing Cisco IOS \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202006-1085, VAR-202006-1151, VAR-202006-1078, VAR-202103-0768, VAR-202103-0545, VAR-202006-1096, VAR-202006-1076, VAR-202009-1147, VAR-202006-1086 Trust: 5.5 Fetched: Nov. 4, 2022, 2:03 p.m., Published: Nov. 1, 2022, midnight	Vulnerabilities: command injection, improper validation, directory traversal...

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	cisco iox
vendor:	cisco	model:	ios software
vendor:	cisco	model:	cisco iox application
vendor:	cisco	model:	industrial ethernet
vendor:	cisco	model:	iox application
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios
vendor:	rockwell automation	model:	automation stratix
vendor:	rockwell	model:	automation stratix

db:

NVD

ids:

CVE-2020-3218, CVE-2020-3200, CVE-2020-3211, CVE-2021-1446, CVE-2021-1385, CVE-2020-3229, CVE-2020-3209, CVE-2020-3516, CVE-2020-3219

Cybercriminals exploit critical vulnerabilities in Veeam Backup - Techzine Europe Trust: 4.0 Fetched: Nov. 4, 2022, 2:03 p.m., Published: Oct. 25, 2022, 6:05 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-26501, CVE-2022-26504, CVE-2022-26500

Cisco Email Security Appliance Denial of Service Vulnerability - Cisco Trust: 5.0 Fetched: Nov. 4, 2022, 2:02 p.m., Published: Nov. 2, 2022, 11:40 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	cloud email security
vendor:	cisco	model:	cisco cloud email security
vendor:	cisco	model:	cisco email security appliance
vendor:	cisco	model:	email security appliance

Siemens LOGO! 8 BM Devices \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202210-0504, VAR-202210-0503, VAR-202210-0505 Trust: 3.75 Fetched: Nov. 4, 2022, 1:59 p.m., Published: Nov. 8, 2022, midnight	Vulnerabilities: improper validation

Affected products

External IDs

db:

NVD

ids:

CVE-2022-36361, CVE-2022-36362, CVE-2022-36363

Bugs in Safari, iOS 16.1 could let hackers steal users’ sensitive data: Cert-In Trust: 4.75 Fetched: Nov. 4, 2022, 1:58 p.m., Published: Oct. 25, 2022, 8:07 p.m.	Vulnerabilities: improper memory handling, use after free, memory corruption...

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air
vendor:	apple	model:	macos
vendor:	apple	model:	ipad
vendor:	apple	model:	safari
vendor:	apple	model:	webkit

Vulnerabilities In Airline WiFi Devices Expose Passenger Data Trust: 3.75 Fetched: Nov. 4, 2022, 1:58 p.m., Published: Oct. 11, 2022, midnight	Vulnerabilities: default password

Affected products

External IDs

db:

NVD

ids:

CVE-2022-36158

Apple fixes latest zero-day vulnerability to hit iOS devices \| SC Media Related entries in the VARIoT vulnerabilities database: VAR-202210-1624 Trust: 4.75 Fetched: Nov. 4, 2022, 1:58 p.m., Published: Oct. 26, 2022, 3:29 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air
vendor:	apple	model:	macos
vendor:	apple	model:	ipad
vendor:	apple	model:	watchos
vendor:	apple	model:	tvos
vendor:	apple	model:	safari

db:

NVD

ids:

CVE-2022-42827

Fortinet Admits Many Devices Still Unprotected Against Exploited Vulnerability \| SecurityWeek.Com Related entries in the VARIoT vulnerabilities database: VAR-202210-0198 Trust: 4.0 Fetched: Nov. 4, 2022, 1:57 p.m., Published: Nov. 4, 2022, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2022-40684

Export software vulnerabilities assessment per device \| Microsoft Learn Trust: 3.5 Fetched: Nov. 4, 2022, 1:56 p.m., Published: Oct. 19, 2022, 9:04 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2020-16011, CVE-2020-15992, CVE-2020-26971

Threat and vulnerability management - Microsoft Service Assurance \| Microsoft Learn Trust: 3.0 Fetched: Nov. 4, 2022, 1:50 p.m., Published: Oct. 17, 2022, 9:44 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

BlackBerry Blog Trust: 3.0 Fetched: Nov. 4, 2022, 1:49 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

blackberry

model:

blackberry

VARIoT news about IoT security