VARIoT latest news about IoT security

Threat Actors Exploit Progress Telerik Vulnerabilities in Multiple U.S. Government IIS Servers \| CISA Trust: 3.5 Fetched: July 12, 2023, 9:07 a.m., Published: June 15, 2023, midnight	Vulnerabilities: brute force attack, privilege escalation, application crash...

Affected products

External IDs

db:

NVD

ids:

CVE-2019-18935, CVE-2017-11317, CVE-2017-9248, CVE-2017-11357

Industrial firms potentially vulnerable to attacks using PiiGAB flaws \| SC Media Trust: 4.0 Fetched: July 12, 2023, 9:06 a.m., Published: July 20, 2022, 6 p.m.	Vulnerabilities: cross-site scripting, request forgery, cross-site request forgery...

Affected products	External IDs

12 Types of Vulnerability Scans (+ When to Run Each) \| eSP Trust: 3.5 Fetched: July 12, 2023, 9:05 a.m., Published: July 7, 2023, 10:16 p.m.	Vulnerabilities: cross-site scripting, privilege escalation, request forgery...

Affected products	External IDs

Actively exploited vulnerability threatens hundreds of solar power stations \| Ars Technica Trust: 3.5 Fetched: July 12, 2023, 9:05 a.m., Published: July 5, 2023, 8:21 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	palo	model:	networks
vendor:	palo alto networks	model:	networks

db:

NVD

ids:

CVE-2023-293333, CVE-2023-23333, CVE-2022-29303

DSA-2023-162: Security Update for Dell iDRAC9 Heimdal Vulnerability \| Dell Polska Trust: 3.5 Fetched: July 9, 2023, 9:13 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	dell emc	model:	idrac9
vendor:	dell	model:	idrac9

db:

NVD

ids:

CVE-2022-44640

Warning issued over vulnerability in cardiac device monitoring software Trust: 5.25 Fetched: July 9, 2023, 9:13 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-31222

How to Use FAIR Analysis to Quantify Risk from the MOVEit Vulnerability - Security Boulevard Trust: 4.5 Fetched: July 9, 2023, 9:13 a.m., Published: July 5, 2023, 1:34 p.m.	Vulnerabilities: sql injection

Affected products

External IDs

vendor:	accellion	model:	file transfer appliance
vendor:	accellion	model:	accellion file transfer appliance

db:

NVD

ids:

CVE-2023-35036, CVE-2023-35708, CVE-2023-34362

Urgent Android warning to fix ‘critical’ Google danger that lets hacker enter your phone ‘even if you don’t do anything’ \| The US Sun Trust: 5.0 Fetched: July 9, 2023, 9:12 a.m., Published: July 6, 2023, 3:45 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2023-21250

The URL you requested has been blocked Trust: 3.5 Fetched: July 9, 2023, 9:12 a.m., Published: July 5, 2051, 8:23 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2022-29303, CVE-2022-40881

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Trust: 5.25 Fetched: July 9, 2023, 9:12 a.m., Published: July 5, 2023, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

IoT Cyber Security: Trends, Challenges and Solutions Trust: 4.25 Fetched: July 7, 2023, 9:17 a.m., Published: July 22, 2023, midnight	Vulnerabilities: default password

Affected products

External IDs

vendor:	google	model:	wi-fi router
vendor:	google	model:	home
vendor:	tesla	model:	model
vendor:	node.js	model:	node.js

Urgent Android warning to fix ‘critical’ Google danger that lets hacker enter your phone ‘even if you don’t do anything’ \| The Sun Trust: 5.0 Fetched: July 7, 2023, 9:17 a.m., Published: July 6, 2023, 3:45 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2023-21250

Firmware vulnerabilities you don’t want in your product Trust: 3.5 Fetched: July 7, 2023, 9:16 a.m., Published: May 29, 2023, noon	Vulnerabilities: authentication bypass, code execution, command injection...

Affected products	External IDs

CISA warns of Medtronic cardiac device security vulnerability \| Healthcare IT News Trust: 5.0 Fetched: July 7, 2023, 9:15 a.m., Published: July 5, 2023, 1:23 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

trend

model:

security

CISA issues warning for cardiac device system vulnerability Trust: 5.0 Fetched: July 7, 2023, 9:14 a.m., Published: July 4, 2023, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-31222

23-029 (July 5, 2023) - Threat Encyclopedia Trust: 3.25 Fetched: July 7, 2023, 9:14 a.m., Published: July 5, 2023, midnight	Vulnerabilities: sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2023-36934

Medtronic identifies cybersecurity vulnerability in cardiac data system \| MedTech Dive Trust: 4.25 Fetched: July 7, 2023, 9:14 a.m., Published: July 5, 2023, midnight	Vulnerabilities: code execution

Affected products	External IDs

PiiGAB M-Bus \| CISA Trust: 4.5 Fetched: July 7, 2023, 9:14 a.m., Published: March 9, 2023, midnight	Vulnerabilities: cross-site scripting, brute force attack, weak password...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-36859, CVE-2023-35120, CVE-2023-35765, CVE-2023-32652, CVE-2023-34433, CVE-2023-35987, CVE-2023-33868, CVE-2023-31277, CVE-2023-34995

TALOS-2023-1704 \|\| Cisco Talos Intelligence Group - Comprehensive Threat Intelligence Trust: 3.5 Fetched: July 7, 2023, 9:12 a.m., Published: July 6, 2023, midnight	Vulnerabilities: cross-site scripting, code injection

Affected products

External IDs

db:

NVD

ids:

CVE-2023-24496, CVE-2023-24497

Cisco BroadWorks Privilege Escalation Vulnerability Trust: 4.25 Fetched: July 7, 2023, 9:12 a.m., Published: July 5, 2023, 3:51 p.m.	Vulnerabilities: privilege escalation

Affected products	External IDs

VARIoT news about IoT security