Sign-up

VARIoT news about IoT security

Econolite EOS | CISA

Trust: 5.0

Fetched: March 19, 2023, 9:11 a.m., Published: Jan. 26, 2023, midnight
 Vulnerabilities: improper access control
Affected productsExternal IDs
db: NVD ids: CVE-2023-0451, CVE-2023-0452

Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets

Trust: 5.5

Fetched: March 19, 2023, 9:10 a.m., Published: -
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: samsung model: exynos
vendor: samsung model: mobile
vendor: samsung model: mobile devices
vendor: google model: wifi
vendor: google model: pixel
vendor: vivo model: modem
db: NVD ids: CVE-2023-24033, CVE-2023-24075, CVE-2023-24073, CVE-2023-24076, CVE-2023-24072, CVE-2023-24074

Project Zero: Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Exploits - SecurityWeek

Trust: 4.75

Fetched: March 19, 2023, 9:10 a.m., Published: March 16, 2023, 8:12 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: vivo model: modems
vendor: samsung model: galaxy
vendor: samsung model: exynos
vendor: samsung model: samsung mobile
vendor: samsung model: note
vendor: samsung model: mobile
vendor: samsung model: mobile devices
vendor: google model: android
vendor: google model: pixel

Google warns users of Samsung Exynos zero-day vulnerabilities | TechTarget

Trust: 5.75

Fetched: March 19, 2023, 9:10 a.m., Published: March 17, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: vivo model: modem
vendor: vivo model: modems
vendor: samsung model: galaxy
vendor: samsung model: exynos
vendor: samsung model: mobile phones
vendor: samsung model: mobile
vendor: samsung model: mobile devices
vendor: google model: pixel
db: NVD ids: CVE-2023-24033, CVE-2023-26073, CVE-2023-26074, CVE-2023-26075, CVE-2023-26072

Google discovers 18 zero-day vulnerabilities in Samsung Exynos chipsets - neoSolutions

Trust: 5.5

Fetched: March 17, 2023, 9:22 a.m., Published: March 16, 2023, 10 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: vivo model: modem
vendor: google model: wifi
vendor: google model: pixel
vendor: samsung model: exynos
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: samsung model: samsung mobile
db: NVD ids: CVE-2023-24076, CVE-2023-24074, CVE-2023-24075, CVE-2023-24073, CVE-2023-24072, CVE-2023-24033

ClamAV HFS+ Partition Scanning Buffer Overflow Vulnerability Affecting Cisco Products: February 2023

Trust: 4.5

Fetched: March 17, 2023, 9:22 a.m., Published: Feb. 22, 2023, 2:09 p.m.
 Vulnerabilities: denial of service, buffer overflow
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav

Google Project Zero team finds critical security flaw in Samsung modems

Trust: 4.5

Fetched: March 17, 2023, 9:22 a.m., Published: March 17, 2023, 7:18 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: vivo model: modems
vendor: vivo model: modem
vendor: google model: pixel
vendor: samsung model: samsung galaxy
vendor: samsung model: exynos
vendor: samsung model: galaxy

Google warns users of 18 bugs in mass-level Android phones

Trust: 4.75

Fetched: March 17, 2023, 9:21 a.m., Published: March 18, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: exynos
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: google model: android
vendor: google model: pixel

[Samsung Responded] Severe Exynos modem vulnerabilities found, these models are affected - Sammy Fans

Trust: 5.75

Fetched: March 17, 2023, 9:21 a.m., Published: March 17, 2023, 5:14 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: vivo model: modems
vendor: vivo model: modem
vendor: samsung model: samsung galaxy
vendor: samsung model: exynos
vendor: samsung model: mobile
vendor: samsung model: galaxy
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2023-24033

Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets | Vumetric Cyber Portal

Trust: 5.5

Fetched: March 17, 2023, 9:20 a.m., Published: March 18, 2023, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: vivo model: modem
vendor: google model: pixel
vendor: samsung model: exynos
vendor: samsung model: mobile devices
vendor: samsung model: mobile
db: NVD ids: CVE-2023-24033

Google Disclosed 18 Zero-day in Samsung Exynos Chipsets - Cyber Kendra

Trust: 4.75

Fetched: March 17, 2023, 9:20 a.m., Published: March 18, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: vivo model: modems
vendor: samsung model: exynos
vendor: samsung model: mobile
vendor: google model: pixel
db: NVD ids: CVE-2023-24076, CVE-2023-24074, CVE-2023-24075, CVE-2023-24073, CVE-2023-24072, CVE-2023-24033

Google Discovers 18 Zero-Day Vulnerabilities In Samsung Exynos Chips: What It Means

Trust: 3.75

Fetched: March 17, 2023, 9:19 a.m., Published: March 17, 2023, 4:17 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: exynos
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: google model: android
vendor: google model: pixel

CVE.report on Twitter: "CVE-2023-0330 : A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.... https://t.co/zzWNA1cAkM" / Twitter

Trust: 5.25

Fetched: March 17, 2023, 9:18 a.m., Published: March 17, 2023, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2023-0330

Unpatchable Vulnerabilities in Phicomm Router Firmware - Research Advisory | TenableĀ®

Trust: 4.75

Fetched: March 17, 2023, 9:16 a.m., Published: Feb. 1, 2022, 6:31 p.m.
 Vulnerabilities: improper access control
Affected productsExternal IDs

Google: Turn off VoLTE, Wi-Fi calling due to Exynos vulnerability

Trust: 5.75

Fetched: March 17, 2023, 9:16 a.m., Published: March 16, 2023, 10:20 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: vivo model: modems
vendor: vivo model: modem
vendor: samsung model: samsung galaxy
vendor: samsung model: exynos
vendor: samsung model: mobile
vendor: samsung model: galaxy
vendor: google model: pixel
db: NVD ids: CVE-2023-24033

IoT Security: Risks, Examples, and Solutions | IoT Glossary

Trust: 3.75

Fetched: March 17, 2023, 9:15 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs

What is Remote Code Execution (RCE)? | Definition from TechTarget

Related entries in the VARIoT vulnerabilities database: VAR-202104-0752

Trust: 5.25

Fetched: March 17, 2023, 9:14 a.m., Published: March 3, 2023, midnight
 Vulnerabilities: code injection, privilege escalation, injection attack...
Affected productsExternal IDs
vendor: check point model: check point
vendor: apple model: watchos
vendor: apple model: macos
db: NVD ids: CVE-2020-17051, CVE-2021-1844, CVE-2019-8942

CVE-2022-43704 - Capture-Replay Vulnerability in Sinilink XY-WFT1 Thermostat | Trustwave

Trust: 3.75

Fetched: March 17, 2023, 9:13 a.m., Published: March 17, 2023, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2022-43704

ClamAV vulnerability hits Cisco security software - Security - iTnews

Related entries in the VARIoT vulnerabilities database: VAR-202302-1452

Trust: 5.5

Fetched: March 17, 2023, 9:13 a.m., Published: -
 Vulnerabilities: denial of service, buffer overflow
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: cisco model: nexus
vendor: cisco model: advanced malware protection
vendor: clamav model: clamav
db: NVD ids: CVE-2023-20014, CVE-2023-20032

Security Advisory - Buffer Overflow Vulnerability in a Huawei Printer Product

Related entries in the VARIoT vulnerabilities database: VAR-202302-1902

Trust: 5.75

Fetched: March 17, 2023, 9:12 a.m., Published: Jan. 17, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2022-48260