Sign-up

VARIoT news about IoT security

Cisco Identity Services Engine Privilege Escalation Vulnerabilities - Cisco

Trust: 5.75

Fetched: Sept. 8, 2023, 9:10 a.m., Published: Sept. 7, 2023, 1:11 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
vendor: cisco model: router
db: NVD ids: CVE-2023-20193, CVE-2023-20194

Update your iPhone: Apple just pushed out a significant security update | AP News

Trust: 3.0

Fetched: Sept. 8, 2023, 9:09 a.m., Published: Sept. 8, 2023, 2:07 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Access Denied

Trust: 3.25

Fetched: Sept. 8, 2023, 9:04 a.m., Published: Sept. 7, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Air Marshal - Cisco Meraki

Trust: 3.5

Fetched: Sept. 6, 2023, 9:20 a.m., Published: Oct. 5, 2020, 6:12 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: wireless access point
vendor: cisco model: access points
vendor: cisco model: wireless bridge
vendor: cisco model: intrusion prevention system

Vulnerability Assessment Types and Methodology | Indusface Blog

Trust: 3.5

Fetched: Sept. 6, 2023, 9:18 a.m., Published: Aug. 18, 2023, 5:18 a.m.
 Vulnerabilities: sql injection, cross-site request forgery, request forgery...
Affected productsExternal IDs

Hiding Inside Devices: Unveiling Vulnerabilities in Finance, Retail, and Logistics - Phosphorus

Trust: 3.25

Fetched: Sept. 6, 2023, 9:16 a.m., Published: Sept. 5, 2023, 1:40 p.m.
 Vulnerabilities: denial of service, default credentials, default password
Affected productsExternal IDs
vendor: siemens model: modbus tcp
vendor: siemens model: dnp3
vendor: google model: android
vendor: google model: home
vendor: sharp model: printers

ClamAV 1.x < 1.0.2 DoS - vulnerability database | Vulners.com

Trust: 5.5

Fetched: Sept. 6, 2023, 9:13 a.m., Published: Sept. 4, 2023, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: clamav model: clamav
vendor: cisco model: h
vendor: cisco model: clamav
db: NVD ids: CVE-2023-20212

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability - Cisco

Trust: 3.25

Fetched: Sept. 6, 2023, 9:12 a.m., Published: Aug. 18, 2023, 6:09 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

The Siemens PLC vulnerability: a deep dive into industrial cybersecurity - Security Boulevard

Related entries in the VARIoT vulnerabilities database: VAR-202105-0073, VAR-202210-0428, VAR-202301-0605

Trust: 4.5

Fetched: Sept. 6, 2023, 9:11 a.m., Published: Sept. 5, 2023, 8:12 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: siemens model: simatic
vendor: siemens model: simatic s7-1500
db: NVD ids: CVE-2020-15782, CVE-2022-38465, CVE-2022-38773

KNX Protocol | CISA

Trust: 4.75

Fetched: Sept. 6, 2023, 9:11 a.m., Published: March 7, 2023, midnight
 Vulnerabilities: account lockout, authorization vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2023-4346

Weekly Vulnerability Recap - Sept 4, 2023 - Network Devices Hit

Related entries in the VARIoT vulnerabilities database: VAR-202303-1848, VAR-202303-1844

Trust: 5.25

Fetched: Sept. 6, 2023, 9:10 a.m., Published: Sept. 5, 2023, 11:59 p.m.
 Vulnerabilities: path traversal, authentication bypass, code execution
Affected productsExternal IDs
vendor: minio model: minio
vendor: cisco model: routers
vendor: cisco model: netscaler gateway
vendor: citrix model: gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler adc
db: NVD ids: CVE-2023-3519, CVE-2023-36847, CVE-2023-34039, CVE-2023-36846, CVE-2023-36845, CVE-2023-28434, CVE-2023-36844, CVE-2023-33246, CVE-2023-20890, CVE-2023-32315, CVE-2023-28432

Android Security Bulletin-September 2023 | Android Open Source Project

Trust: 4.25

Fetched: Sept. 6, 2023, 9:09 a.m., Published: Sept. 6, 2023, midnight
 Vulnerabilities: information disclosure, denial of service, code execution
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: motorola model: android
vendor: motorola model: motorola
vendor: google model: android
vendor: google model: pixel
vendor: samsung model: note
vendor: samsung model: notes
vendor: samsung model: mobile
db: NVD ids: CVE-2023-33015, CVE-2023-35665, CVE-2023-28573, CVE-2023-35667, CVE-2023-35673, CVE-2023-35658, CVE-2023-35687, CVE-2023-35679, CVE-2023-35680, CVE-2023-35666, CVE-2023-35674, CVE-2023-35682, CVE-2023-35683, CVE-2023-35671, CVE-2023-35677, CVE-2023-35670, CVE-2023-35684, CVE-2023-35669, CVE-2023-33016, CVE-2023-21653, CVE-2023-21646, CVE-2023-35676, CVE-2023-28581, CVE-2022-40534, CVE-2023-35664, CVE-2023-28549, CVE-2023-35675, CVE-2023-35681, CVE-2023-28538

iDownloadBlog - Apple Blog: iPhone • Watch • iOS • Mac

Trust: 3.75

Fetched: Sept. 5, 2023, 9:19 a.m., Published: Sept. 15, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: iphone
vendor: apple model: ipad
vendor: samsung model: mobile
vendor: samsung model: mobile devices

Exploitation of Juniper Networks SRX Series and EX Series Devices | Rapid7 Blog

Trust: 3.0

Fetched: Sept. 5, 2023, 9:18 a.m., Published: Aug. 31, 2023, 8:23 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-36846, CVE-2023-36845, CVE-2023-36844, CVE-2023-36847

Resolved issues in Windows Server 2012 | Microsoft Learn

Trust: 4.75

Fetched: Sept. 5, 2023, 9:16 a.m., Published: Aug. 14, 2023, 1:55 a.m.
 Vulnerabilities: memory leak
Affected productsExternal IDs
db: NVD ids: CVE-2022-37967

The Five Stages of Vulnerability Management | Tripwire

Trust: 3.0

Fetched: Sept. 5, 2023, 9:15 a.m., Published: Aug. 14, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tripwire model: ip360

FBI confirms Barracuda patch is not effective for exploited ESG appliances

Trust: 4.5

Fetched: Sept. 5, 2023, 9:15 a.m., Published: Aug. 29, 2023, 1:22 p.m.
 Vulnerabilities: remote command injection, command injection
Affected productsExternal IDs
vendor: barracuda model: barracuda
db: NVD ids: CVE-2023-2868

The Hidden Dangers of Service Principal Names (SPNs)

Trust: 3.75

Fetched: Sept. 5, 2023, 9:14 a.m., Published: Aug. 28, 2023, 7:36 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability - Cisco

Trust: 3.0

Fetched: Sept. 5, 2023, 9:10 a.m., Published: Aug. 16, 2023, 11:09 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: umbrella virtual appliance
vendor: cisco model: umbrella
vendor: cisco model: cisco umbrella virtual appliance

Blog - Bright Security

Trust: 3.0

Fetched: Sept. 5, 2023, 9:09 a.m., Published: Jan. 22, 2023, 10:09 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs