Sign-up

VARIoT news about IoT security

Protect Your Apple Devices: Two Zero-Day Vulnerabilities Exploited by Hackers

Related entries in the VARIoT vulnerabilities database: VAR-202302-1097

Trust: 3.75

Fetched: April 11, 2023, 9:07 a.m., Published: April 9, 2023, 5:43 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: ipad
db: NVD ids: CVE-2023-23529, CVE-2023-28206, CVE-2023-28205

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Trust: 3.5

Fetched: April 11, 2023, 9:06 a.m., Published: April 1, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

CISA Issues Warnings on Seven New Exploited Vulnerabilities -- Campus Technology

Trust: 5.5

Fetched: April 11, 2023, 9:06 a.m., Published: April 10, 2023, midnight
 Vulnerabilities: code execution, command execution, privilege escalation...
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: ipad
db: NVD ids: CVE-2023-26083, CVE-2019-1388, CVE-2023-28206, CVE-2021-27876, CVE-2021-27877, CVE-2021-27878, CVE-2023-28205

Apple patches vulnerabilities used to target iPhones, iPads and Macs - SiliconANGLE

Trust: 5.75

Fetched: April 11, 2023, 9:05 a.m., Published: April 10, 2023, 11:43 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: ipad
db: NVD ids: CVE-2023-28206, CVE-2023-28205

Apple launches iOS 15.7.4 and more, fixing bugs on older devices

Trust: 3.75

Fetched: April 11, 2023, 9:04 a.m., Published: March 28, 2023, 1:43 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipod touch
vendor: apple model: tvos
vendor: apple model: ipad air
vendor: apple model: ipad

Apple releases emergency security updates to patch iPhone, iPad and Mac zero-day flaws | Tom's Guide

Trust: 4.5

Fetched: April 11, 2023, 9:03 a.m., Published: April 10, 2023, 3:33 p.m.
 Vulnerabilities: use after free, code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: ipad
db: NVD ids: CVE-2023-28206

Apple just patched a pair of dangerous iOS and macOS security issues, so update now | TechRadar

Trust: 4.5

Fetched: April 11, 2023, 9:02 a.m., Published: April 10, 2023, 1:20 p.m.
 Vulnerabilities: use after free, code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: macos
db: NVD ids: CVE-2023-28206, CVE-2023-28205

A benchmark test uncovered some critical vulnerabilities in thousands of QNAP devices | TechRadar

Trust: 3.0

Fetched: April 7, 2023, 9:31 a.m., Published: April 5, 2023, 10:32 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-27598, CVE-2022-27597

A benchmark test uncovered some critical vulnerabilities in thousands of QNAP devices | PC Help Forum

Trust: 3.0

Fetched: April 7, 2023, 9:27 a.m., Published: Feb. 26, 2000, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-27598, CVE-2022-27597

Securing Medical Devices: The Critical Role of Mobile Apps in Ensuring Cybersecurity - Zimperium

Trust: 3.0

Fetched: April 7, 2023, 9:26 a.m., Published: April 5, 2023, 2:46 a.m.
 Vulnerabilities: -
Affected productsExternal IDs

Hackers Could Open Your Garage Door From Anywhere in the World If You Use Nexx Smart Devices - MarketBeat

Trust: 3.0

Fetched: April 7, 2023, 9:26 a.m., Published: April 6, 2023, 7:59 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

80,000 QNAP Devices Exposed to Cyberattacks Due to Zero-Day Vulnerabilities - Vulnera

Trust: 5.5

Fetched: April 7, 2023, 9:25 a.m., Published: April 5, 2023, 3:23 p.m.
 Vulnerabilities: sql injection, code execution
Affected productsExternal IDs
vendor: qnap model: qnap qts
vendor: qnap systems model: qnap qts
db: NVD ids: CVE-2022-27598, CVE-2022-27597

Researchers find severe vulnerabilities in garage door openers and other smart devices | TechSpot Forums

Trust: 3.0

Fetched: April 7, 2023, 9:25 a.m., Published: April 7, 4070, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Protect Your Android Device Now: Critical Security Vulnerabilities Discovered

Trust: 5.75

Fetched: April 7, 2023, 9:23 a.m., Published: April 6, 2023, 10:52 a.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2022-38181, CVE-2023-21085, CVE-2023-21096

Researchers find severe vulnerabilities in garage door openers and other smart devices | TechSpot

Trust: 3.0

Fetched: April 7, 2023, 9:23 a.m., Published: April 7, 4070, midnight
 Vulnerabilities: -
Affected productsExternal IDs

QNAP Zero-Days Leave 80K Devices Vulnerable to Cyberattack

Trust: 5.25

Fetched: April 7, 2023, 9:22 a.m., Published: April 5, 2023, 3:23 p.m.
 Vulnerabilities: sql injection, code execution
Affected productsExternal IDs
vendor: qnap model: qnap qts
vendor: qnap systems model: qnap qts
db: NVD ids: CVE-2022-27598, CVE-2022-27597

Hackers compromise 3CX desktop app in a supply chain attack

Related entries in the VARIoT vulnerabilities database: VAR-202303-2580

Trust: 3.5

Fetched: April 7, 2023, 9:21 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sonicwall model: switch
vendor: palo model: networks
vendor: palo alto networks model: networks
db: NVD ids: CVE-2023-29059

QNAP warns customers to patch Linux Sudo flaw in NAS devices

Trust: 4.0

Fetched: April 7, 2023, 9:21 a.m., Published: -
 Vulnerabilities: privilege escalation, information disclosure, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-22809

Update Android now! Google patches three important vulnerabilities

Trust: 5.5

Fetched: April 7, 2023, 9:20 a.m., Published: April 5, 2023, 12:57 p.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2022-38181, CVE-2023-21085, CVE-2023-21096

A benchmark test uncovered some critical vulnerabilities in thousands of QNAP devices | TechRadar

Trust: 3.0

Fetched: April 7, 2023, 9:20 a.m., Published: April 5, 2023, 10:32 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-27598, CVE-2022-27597