VARIoT latest news about IoT security

Researchers Exploit Vulnerabilities Of Smart Device Microphones And Voice Assistants Trust: 3.25 Fetched: March 24, 2023, 9:18 a.m., Published: March 23, 2023, 11 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	apple	model:	iphone
vendor:	apple	model:	watch

Rewterz Threat Advisory - Multiple NETGEAR Devices Vulnerabilities - Rewterz Related entries in the VARIoT vulnerabilities database: VAR-202004-0365 Trust: 4.75 Fetched: March 24, 2023, 9:17 a.m., Published: March 17, 2023, 11:14 a.m.	Vulnerabilities: command injection, buffer overflow, improper bounds checking

Affected products

External IDs

db:

NVD

ids:

CVE-2021-0179, CVE-2021-0176, CVE-2022-0182, CVE-2020-0578, CVE-2020-0482

Google Says Turn Off Wi-Fi Calling - Now! New Vulnerability Impacts Exynos-based Mobile Devices. - Geek Slop Trust: 3.75 Fetched: March 24, 2023, 9:17 a.m., Published: March 22, 2023, 8:24 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	exynos
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	mobile
vendor:	samsung	model:	galaxy
vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2023-24033

The Top 5 Bluetooth Security Vulnerabilities Trust: 4.75 Fetched: March 24, 2023, 9:16 a.m., Published: March 22, 2023, 11:37 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

raspberry pi

model:

3

Addressing Cybersecurity Vulnerabilities in IoT Devices \| Ridge Security Trust: 3.0 Fetched: March 24, 2023, 9:15 a.m., Published: March 23, 2023, 6:54 p.m.	Vulnerabilities: denial of service

Affected products	External IDs

Researchers exploit vulnerabilities of smart device microphones and voice assistants Trust: 3.25 Fetched: March 24, 2023, 9:14 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	apple	model:	iphone
vendor:	apple	model:	watch

Uncovering the unheard: Researchers reveal inaudible remote cyber-attacks on voice assistant devices \| UTSA Today \| UTSA \| The University of Texas at San Antonio Trust: 3.5 Fetched: March 24, 2023, 9:12 a.m., Published: March 20, 2023, 2 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	apple	model:	iphone
vendor:	apple	model:	watch

Apple patches three new security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202302-2240, VAR-202302-2044, VAR-202302-2045 Trust: 5.75 Fetched: March 24, 2023, 9:12 a.m., Published: Feb. 22, 2023, 4:30 p.m.	Vulnerabilities: privilege escalation, code execution

Affected products

External IDs

vendor:

apple

model:

macos

db:

NVD

ids:

CVE-2023-23531, CVE-2023-23520, CVE-2023-23530

Cisco Releases Critical Security Updates for Cisco IP Phone - NHS Digital Trust: 3.0 Fetched: March 24, 2023, 9:12 a.m., Published: Feb. 1, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

cisco

model:

ip phone

Cisco IOS XE SD-WAN Software Command Injection Vulnerability Trust: 4.0 Fetched: March 24, 2023, 9:10 a.m., Published: March 22, 2023, 3:49 p.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:	cisco	model:	ios xe sd-wan software
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	sd-wan

Cisco Access Point Software Association Request Denial of Service Vulnerability Trust: 3.75 Fetched: March 24, 2023, 9:10 a.m., Published: March 22, 2023, 3:49 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	mesh	model:	mesh
vendor:	cisco	model:	wireless lan controller
vendor:	cisco	model:	series wireless controller
vendor:	cisco	model:	series
vendor:	cisco	model:	wireless controller
vendor:	cisco	model:	cisco wireless lan controller
vendor:	cisco	model:	mobility express
vendor:	cisco	model:	catalyst 9800
vendor:	cisco	model:	catalyst

Honeywell OneWireless Wireless Device Manager \| CISA Trust: 4.5 Fetched: March 24, 2023, 9:10 a.m., Published: March 9, 2023, midnight	Vulnerabilities: privilege escalation, command injection, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-43485, CVE-2022-46361, CVE-2022-4240

Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability Trust: 4.0 Fetched: March 24, 2023, 9:09 a.m., Published: March 23, 2023, 9:42 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios xe

Critical infrastructure at risk from new vulnerabilities found in wireless IIoT devices \| RegSource Trust: 4.75 Fetched: March 22, 2023, 9:23 a.m., Published: March 20, 2023, 5:03 a.m.	Vulnerabilities: code execution, information disclosure, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2022-40981, CVE-2022-46649, CVE-2022-46650, CVE-2022-41607, CVE-2022-3703

Google finds major security flaw in smartphones with Samsung Exynos modems: list of devices affected Trust: 3.75 Fetched: March 22, 2023, 9:20 a.m., Published: March 19, 2023, 10:21 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	samsung	model:	notes
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	mobile
vendor:	samsung	model:	note
vendor:	samsung	model:	exynos
vendor:	samsung	model:	samsung galaxy
vendor:	vivo	model:	modem
vendor:	vivo	model:	modems

Unpatched Akuvox Smart Intercom Vulnerabilities Can Be Exploited for Spying - SecurityWeek Trust: 3.75 Fetched: March 22, 2023, 9:20 a.m., Published: March 10, 2023, 4:16 p.m.	Vulnerabilities: command injection, improper access control, default password...

Affected products	External IDs

Samsung Exynos modems were found to have a vulnerability, here's what company replied - SamNews 24 Trust: 4.75 Fetched: March 22, 2023, 9:19 a.m., Published: March 17, 2023, 9:03 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	samsung	model:	mobile
vendor:	samsung	model:	exynos
vendor:	vivo	model:	modems

db:

NVD

ids:

CVE-2023-24033

Rockwell Automation ThinManager \| CISA Trust: 4.5 Fetched: March 22, 2023, 9:17 a.m., Published: March 9, 2023, midnight	Vulnerabilities: code execution, access violation, buffer overflow...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-28755, CVE-2023-28756, CVE-2023-28757

Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles Trust: 3.75 Fetched: March 22, 2023, 9:17 a.m., Published: March 20, 2023, 9:47 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	samsung	model:	notes
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	mobile
vendor:	samsung	model:	exynos
vendor:	samsung	model:	samsung galaxy

db:

NVD

ids:

CVE-2023-24033

CVE - CVE-2023-20026 Related entries in the VARIoT vulnerabilities database: VAR-202301-0961 Trust: 4.75 Fetched: March 22, 2023, 9:16 a.m., Published: March 3, 2023, midnight	Vulnerabilities: improper validation

Affected products

External IDs

vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	routers
vendor:	cisco	model:	small business
vendor:	cisco	model:	rv042
vendor:	cisco	model:	series
vendor:	cisco systems	model:	cisco small business
vendor:	cisco systems	model:	routers
vendor:	cisco systems	model:	small business
vendor:	cisco systems	model:	rv042
vendor:	cisco systems	model:	series

db:

NVD

ids:

CVE-2023-20026

VARIoT news about IoT security