Sign-up

VARIoT news about IoT security

FortiOS/FortiProxy Security Alert: New Vulnerability Could Expose Devices to Remote Attacks - Next-Gen Cyber Defense and Response

Trust: 3.75

Fetched: March 15, 2023, 9:24 a.m., Published: March 13, 2023, 2:26 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2023-25610

Mirai Variant V3G4 Targets 13 Vulnerabilities to Infect IoT Devices -

Related entries in the VARIoT vulnerabilities database: VAR-201505-0363, VAR-202206-0004, VAR-202002-1447, VAR-202006-1056, VAR-201705-3255

Trust: 4.75

Fetched: March 15, 2023, 9:23 a.m., Published: Feb. 16, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo alto networks model: networks
vendor: draytek model: vigor
db: NVD ids: CVE-2012-4869, CVE-2014-9727, CVE-2019-15107, CVE-2022-4257, CVE-2022-26134, CVE-2022-36267, CVE-2020-8515, CVE-2020-15415, CVE-2017-5173

Siemens TIA Project-Server formerly known as TIA Multiuser Server - info database | Vulners

Trust: 4.5

Fetched: March 15, 2023, 9:22 a.m., Published: Feb. 16, 2023, noon
 Vulnerabilities: untrusted search path, search path vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2022-35868

[no-title]

Trust: 5.0

Fetched: March 15, 2023, 9:22 a.m., Published: Feb. 16, 2023, 8:42 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: draytek model: vigor
db: NVD ids: CVE-2022-46169

Common Vulnerabilities and Exposures in the Digital Attack Surface

Trust: 3.75

Fetched: March 15, 2023, 9:21 a.m., Published: March 8, 2023, 5:10 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

CSW's Threat Intelligence - March 13, 2023 - March 17, 2023

Trust: 3.0

Fetched: March 15, 2023, 9:21 a.m., Published: March 15, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-41328, CVE-2023-27905, CVE-2020-5741, CVE-2023-27898, CVE-2022-47986, CVE-2021-39144

Update iPhone to iOS 16.3 and Mac to macOS Ventura 13.2 | Kaspersky official blog

Related entries in the VARIoT vulnerabilities database: VAR-202302-2240, VAR-202302-2045

Trust: 3.5

Fetched: March 15, 2023, 9:20 a.m., Published: March 16, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: tvos
vendor: apple model: ipad
db: NVD ids: CVE-2023-23531, CVE-2023-23530

Clop ransomware is victimizing GoAnywhere MFT customers

Trust: 4.75

Fetched: March 15, 2023, 9:20 a.m., Published: March 14, 2023, 3:22 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: essential model: phone
db: NVD ids: CVE-2023-0669

Update iPhone to iOS 16.3 and Mac to macOS Ventura 13.2 | Kaspersky official blog

Related entries in the VARIoT vulnerabilities database: VAR-202302-2240, VAR-202302-2045

Trust: 3.5

Fetched: March 15, 2023, 9:20 a.m., Published: March 16, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: tvos
vendor: apple model: ipad
db: NVD ids: CVE-2023-23531, CVE-2023-23530

Netgear RAX30 Multiple Vulnerabilities - Research Advisory | TenableĀ®

Related entries in the VARIoT vulnerabilities database: VAR-202303-1178

Trust: 5.0

Fetched: March 15, 2023, 9:18 a.m., Published: March 14, 2023, 6:09 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: netgear model: router
db: NVD ids: CVE-2023-28337, CVE-2023-28338

Fortinet Finds Zero-Day Exploit in Government Attacks After Devices Detect Integrity Breach - SecurityWeek

Trust: 5.75

Fetched: March 15, 2023, 9:16 a.m., Published: March 14, 2023, 11:24 a.m.
 Vulnerabilities: command execution, code execution, path traversal
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-41328

CVE-2023-25610 a critical RCE vulnerability in FortiOS: everything you need to know | Wiz Blog

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 5.0

Fetched: March 15, 2023, 9:16 a.m., Published: March 3, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-42475, CVE-2023-25610

More than 150,000 Traffic Lights in the US Have a Critical Vulnerability

Trust: 3.0

Fetched: March 15, 2023, 9:16 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-0452

134M Exploit Attempts: Realtek RCE Vulnerability Targeted in Large-Scale Attacks

Trust: 5.25

Fetched: March 15, 2023, 9:15 a.m., Published: Jan. 31, 2023, 8:59 a.m.
 Vulnerabilities: code injection, code execution, sql injection
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo alto networks model: networks
db: NVD ids: CVE-2021-35394, CVE-2022-27596

Smart device vulnerabilities and securing against them | Kaspersky official blog

Trust: 4.25

Fetched: March 15, 2023, 9:14 a.m., Published: May 15, 2050, midnight
 Vulnerabilities: weak password
Affected productsExternal IDs
vendor: century model: router
vendor: apple model: watch

Sierra Wireless AirLink Router with ALEOS Software | CISA

Trust: 4.75

Fetched: March 15, 2023, 9:14 a.m., Published: Jan. 26, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sierra wireless model: rv50x
vendor: sierra wireless model: aleos
vendor: sierra wireless model: gx450
vendor: sierra wireless model: mp70
vendor: sierra wireless model: rv50
vendor: sierra wireless model: es450
vendor: sierra model: rv50x
vendor: sierra model: aleos
vendor: sierra model: gx450
vendor: sierra model: mp70
vendor: sierra model: rv50
vendor: sierra model: es450
db: NVD ids: CVE-2022-46649, CVE-2022-46650

Smart device vulnerabilities and securing against them | Kaspersky official blog

Trust: 4.25

Fetched: March 15, 2023, 9:13 a.m., Published: Jan. 25, 2023, midnight
 Vulnerabilities: weak password
Affected productsExternal IDs
vendor: century model: router
vendor: apple model: watch

WebKit vulnerability CVE-2022-42856 explained

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 5.75

Fetched: March 15, 2023, 9:13 a.m., Published: Feb. 17, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
db: NVD ids: CVE-2022-42856

Full Disclosure: Multiple vulnerabilities in Audiocodes Device Manager Express

Trust: 5.75

Fetched: March 15, 2023, 9:12 a.m., Published: March 10, 2023, midnight
 Vulnerabilities: cross-site scripting, path traversal, code execution...
Affected productsExternal IDs
vendor: audiocodes model: 400hd
db: NVD ids: CVE-2022-24629, CVE-2022-24627, CVE-2022-24632, CVE-2022-24630, CVE-2022-24628, CVE-2022-24631

Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202301-0961, VAR-202301-0962, VAR-202304-1067

Trust: 4.5

Fetched: March 15, 2023, 9:12 a.m., Published: March 14, 2023, 3:39 p.m.
 Vulnerabilities: command execution, improper validation, authentication bypass
Affected productsExternal IDs
vendor: cisco model: rv042
vendor: cisco model: rv016
vendor: cisco model: rv260w wireless-ac vpn routers
vendor: cisco model: rv325
vendor: cisco model: rv320 dual gigabit wan vpn
vendor: cisco model: rv320
vendor: cisco model: rv160
vendor: cisco model: rv345
vendor: cisco model: rv160 vpn routers
vendor: cisco model: rv260w
vendor: cisco model: series
vendor: cisco model: router
vendor: cisco model: rv260
vendor: cisco model: rv042 dual wan vpn
vendor: cisco model: cisco small business
vendor: cisco model: rv340
vendor: cisco model: rv325 dual gigabit wan vpn
vendor: cisco model: rv345p
vendor: cisco model: service management
vendor: cisco model: routers
vendor: cisco model: rv082
vendor: cisco model: rv260p
vendor: cisco model: small business
vendor: cisco model: rv325 dual gigabit wan vpn router
vendor: cisco model: rv042g dual gigabit wan vpn
vendor: cisco model: rv082 dual wan vpn
vendor: cisco model: rv016 multi-wan vpn
vendor: cisco model: rv160w
vendor: cisco model: rv042g
vendor: cisco model: rv340w
vendor: cisco model: rv260 vpn routers
vendor: cisco model: rv160w wireless-ac vpn routers
db: NVD ids: CVE-2023-20026, CVE-2023-20025, CVE-2023-20118