VARIoT latest news about IoT security

Mitsubishi Electric CNC Series (Update A) \| CISA Trust: 5.0 Fetched: Aug. 30, 2023, 9:28 a.m., Published: Aug. 3, 2023, midnight	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2023-3346

What Is Endpoint Security and Why Does Your Company Need It? Trust: 3.75 Fetched: Aug. 30, 2023, 9:27 a.m., Published: Aug. 3, 2023, 6 a.m.	Vulnerabilities: code injection

Affected products	External IDs

Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability - Cisco Trust: 5.0 Fetched: Aug. 30, 2023, 9:25 a.m., Published: Aug. 16, 2023, 11:10 a.m.	Vulnerabilities: information disclosure

Affected products

External IDs

vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	identity services engine

Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol Denial of Service Vulnerability Trust: 4.0 Fetched: Aug. 30, 2023, 9:25 a.m., Published: Aug. 23, 2023, 3:48 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	nexus
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	series switches
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	1000v
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	nexus 1000v
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	series

Intel - First Health Advisory Trust: 3.0 Fetched: Aug. 30, 2023, 9:22 a.m., Published: Aug. 3, 2023, midnight	Vulnerabilities: service disruption, code execution

Affected products	External IDs

ADMX_CredSsp Policy CSP - Windows Client Management \| Microsoft Learn Trust: 5.0 Fetched: Aug. 30, 2023, 9:21 a.m., Published: Aug. 10, 2023, midnight	Vulnerabilities: default credentials

Affected products

External IDs

vendor:

delegate

model:

delegate

Cisco Firepower Release Notes, Version 7.0 - Open and Resolved Bugs [Cisco Secure Firewall Management Center] - Cisco Trust: 4.25 Fetched: Aug. 30, 2023, 9:19 a.m., Published: Aug. 15, 2023, 10:09 a.m.	Vulnerabilities: code execution, denial of service, authentication issue...

Affected products

External IDs

vendor:	snort	model:	snort
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	fxos
vendor:	cisco	model:	cisco firepower threat defense software
vendor:	cisco	model:	asdm
vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	umbrella
vendor:	cisco	model:	series
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	firepower
vendor:	cisco	model:	asa software
vendor:	cisco	model:	vpn client
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	eigrp
vendor:	cisco	model:	firepower 2100
vendor:	google	model:	home

db:

NVD

ids:

CVE-2022-32081, CVE-2022-22970

Secure by design Trust: 3.5 Fetched: Aug. 30, 2023, 9:17 a.m., Published: Aug. 3, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

Configure Microsoft Defender for Endpoint on iOS features \| Microsoft Learn Trust: 3.0 Fetched: Aug. 30, 2023, 9:15 a.m., Published: Dec. 18, 2020, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

ipad

Configure Microsoft Defender for Endpoint on iOS features \| Microsoft Learn Trust: 3.0 Fetched: Aug. 30, 2023, 9:14 a.m., Published: Dec. 18, 2020, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

ipad

Configure Microsoft Defender for Endpoint on iOS features \| Microsoft Learn Trust: 3.0 Fetched: Aug. 30, 2023, 9:12 a.m., Published: Dec. 18, 2020, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

ipad

Configure Microsoft Defender for Endpoint on iOS features \| Microsoft Learn Trust: 3.0 Fetched: Aug. 30, 2023, 9:11 a.m., Published: Dec. 18, 2020, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

ipad

What is Two-Factor Authentication (2FA)? and Why you need one? Trust: 3.5 Fetched: Aug. 30, 2023, 9:10 a.m., Published: Aug. 14, 2023, midnight	Vulnerabilities: password guessing

Affected products

External IDs

vendor:	essential	model:	phone
vendor:	trend	model:	security
vendor:	apple	model:	icloud
vendor:	google	model:	home

Ivanti Sentry critical vulnerability-don't play dice, patch Trust: 5.75 Fetched: Aug. 29, 2023, 9:08 a.m., Published: -	Vulnerabilities: authentication bypass

Affected products

External IDs

vendor:	mobileiron	model:	sentry
vendor:	mobileiron	model:	mobileiron sentry

db:

NVD

ids:

CVE-2023-35078, CVE-2023-38035, CVE-2023-35081

Cisco NX-OS Software TACACS+ or RADIUS Remote Authentication Directed Request Denial of Service Vulnerability Trust: 4.0 Fetched: Aug. 29, 2023, 9:08 a.m., Published: Aug. 23, 2023, 3:48 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	nexus 1000v
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	series switches
vendor:	cisco	model:	cisco nexus 9000 series
vendor:	cisco	model:	nexus
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	1000v
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	series
vendor:	cisco	model:	nexus 9000 series

KmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced Capabilities Trust: 3.0 Fetched: Aug. 29, 2023, 9:07 a.m., Published: Aug. 28, 2023, 5:43 a.m.	Vulnerabilities: default credentials

Affected products	External IDs

Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog Trust: 4.0 Fetched: Aug. 29, 2023, 9:07 a.m., Published: Aug. 22, 2023, 3:36 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-26360, CVE-2023-26359

Update now! Google Chrome's first weekly update has arrived Trust: 5.5 Fetched: Aug. 27, 2023, 9:11 a.m., Published: -	Vulnerabilities: use after free, heap corruption, memory access vulnerability

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

db:

NVD

ids:

CVE-2023-4427, CVE-2023-4429, CVE-2023-4430, CVE-2023-4428, CVE-2023-4431

Best firewall software of 2023 \| TechRadar Trust: 3.5 Fetched: Aug. 25, 2023, 9:14 a.m., Published: July 7, 2022, 6 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	comodo	model:	comodo firewall
vendor:	comodo	model:	firewall
vendor:	comodo	model:	internet security
vendor:	comodo	model:	antivirus
vendor:	avast	model:	antivirus
vendor:	avast	model:	anti-virus

Adobe ColdFusion vulnerability exploited in the wild Trust: 3.75 Fetched: Aug. 25, 2023, 9:14 a.m., Published: -	Vulnerabilities: improper access control, code execution, access control vulnerability

Affected products

External IDs

db:

NVD

ids:

CVE-2023-26360, CVE-2023-26359

VARIoT news about IoT security