Sign-up

VARIoT news about IoT security

Android Update Fixes Critical Vulnerabilities | SecureTeam

Related entries in the VARIoT vulnerabilities database: VAR-202303-0155

Trust: 4.75

Fetched: March 10, 2023, 9:23 a.m., Published: March 8, 2023, 12:25 p.m.
 Vulnerabilities: buffer overflow, memory corruption, improper validation...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-20954, CVE-2023-20951, CVE-2022-33256, CVE-2022-33213

Top 10 Cybersecurity Threats in 2023 | Embroker

Trust: 3.75

Fetched: March 10, 2023, 9:22 a.m., Published: Jan. 26, 2022, 3:10 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

BitSight identifies thousands of organizations using Internet-facing and exposed webcams | BitSight

Trust: 3.75

Fetched: March 10, 2023, 9:22 a.m., Published: March 9, 2023, midnight
 Vulnerabilities: access control vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2022-34150

Android Critical Vulnerabilities CVE-2023-20951 and CVE-2023-20954: Description, Impact, Vulnerable Devices, and Mitigation

Trust: 5.0

Fetched: March 10, 2023, 9:21 a.m., Published: March 3, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-20954, CVE-2023-20951

Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610) - Help Net Security

Trust: 5.25

Fetched: March 10, 2023, 9:21 a.m., Published: March 9, 2023, 11:11 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2023-25610

Vulnerability scanner for Linux | Intruder

Related entries in the VARIoT vulnerabilities database: VAR-202203-0043, VAR-202101-1926

Trust: 4.5

Fetched: March 10, 2023, 9:20 a.m., Published: May 10, 2023, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: antivirus
db: NVD ids: CVE-2022-0847, CVE-2021-41073, CVE-2021-3156

Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability

Trust: 5.0

Fetched: March 10, 2023, 9:19 a.m., Published: March 8, 2023, 3:32 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xr software
vendor: cisco model: cisco ios xr
vendor: cisco model: ios xr

Akuvox Smart Intercom Vulnerabilities Leave Privacy Ajar | Claroty

Trust: 4.75

Fetched: March 10, 2023, 9:19 a.m., Published: March 9, 2023, midnight
 Vulnerabilities: command injection, default password, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-0348, CVE-2023-0351, CVE-2023-0354

Update Android now! Two critical vulnerabilities patched

Related entries in the VARIoT vulnerabilities database: VAR-202303-0155

Trust: 5.75

Fetched: March 10, 2023, 9:18 a.m., Published: March 9, 2023, 1:43 p.m.
 Vulnerabilities: memory corruption, information disclosure, code execution...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2022-33256, CVE-2023-20951, CVE-2021-33655, CVE-2022-33213, CVE-2023-20954

Critical Vulnerability in Cisco IP Phones

Trust: 3.25

Fetched: March 10, 2023, 9:18 a.m., Published: March 10, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ip phones

Fortinet Admits Many Devices Still Unprotected Against Exploited Vulnerability - SecurityWeek

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198

Trust: 4.0

Fetched: March 10, 2023, 9:17 a.m., Published: Jan. 23, 2023, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2022-40684

Electronics | Free Full-Text | Analysis of Consumer IoT Device Vulnerability Quantification Frameworks

Trust: 4.0

Fetched: March 10, 2023, 9:13 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: code execution, code injection, data injection...
Affected productsExternal IDs
vendor: symantec model: system works
vendor: belkin model: router
vendor: google model: google home
vendor: google model: android
vendor: google model: home
vendor: tp-link model: routers
vendor: tp-link model: gateway
vendor: trend model: security

Netgear RAX30 Multiple Vulnerabilities - Research Advisory | TenableĀ®

Trust: 4.5

Fetched: March 10, 2023, 9:13 a.m., Published: March 8, 2023, 9:22 p.m.
 Vulnerabilities: request forgery, cross-site request forgery, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2023-27851, CVE-2023-27852, CVE-2023-1205, CVE-2023-27850, CVE-2023-27853

New Vulnerabilities Found in TPM 2.0 Library That Could be a Potential Threat to Billions of Devices | TechPowerUp Forums

Trust: 3.0

Fetched: March 8, 2023, 9:12 a.m., Published: March 2, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2023-1017, CVE-2023-1018

Exploring the Vulnerability of IoT Devices and the Best Practices for Securing Them - eBuilder Security

Trust: 4.25

Fetched: March 8, 2023, 9:12 a.m., Published: Feb. 15, 2023, 5:07 a.m.
 Vulnerabilities: denial of service, weak password
Affected productsExternal IDs
vendor: trend model: security
vendor: delegate model: delegate

Android fixes two critical remote code execution vulnerabilities with its March 2023 update - The Hindu

Trust: 4.5

Fetched: March 8, 2023, 9:11 a.m., Published: March 8, 2023, 7:30 a.m.
 Vulnerabilities: information disclosure, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: motorola model: android
vendor: motorola model: motorola
vendor: samsung model: mobile
vendor: huawei model: huawei

Billions of PCs and other devices vulnerable to newly discovered TPM 2.0 flaws

Trust: 4.75

Fetched: March 8, 2023, 9:10 a.m., Published: March 2, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: lenovo model: system
vendor: asus model: asus
db: NVD ids: CVE-2023-1017, CVE-2023-1018

Onboard to the Microsoft Defender for Endpoint service | Microsoft Learn

Trust: 3.0

Fetched: March 8, 2023, 9:09 a.m., Published: Dec. 18, 2020, midnight
 Vulnerabilities: configuration attack
Affected productsExternal IDs

'AMNESIA:33' Vulnerabilities in TCP/IP Stacks Expose Millions of Devices to Attacks - SecurityWeek

Related entries in the VARIoT vulnerabilities database: VAR-202012-0485

Trust: 4.5

Fetched: March 8, 2023, 9:09 a.m., Published: Dec. 9, 2020, 12:07 p.m.
 Vulnerabilities: denial of service, information disclosure, integer overflow...
Affected productsExternal IDs
vendor: treck model: tcp/ip stack
db: NVD ids: CVE-2020-24338, CVE-2020-25111, CVE-2020-24336

Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Upload Vulnerability

Trust: 5.0

Fetched: March 8, 2023, 9:08 a.m., Published: Feb. 1, 2023, 3:56 p.m.
 Vulnerabilities: file upload vulnerability
Affected productsExternal IDs
vendor: cisco model: rv340
vendor: cisco model: rv340w
vendor: cisco model: rv345p
vendor: cisco model: rv345
vendor: cisco model: routers
vendor: cisco model: small business
vendor: cisco model: cisco small business
vendor: cisco model: series
vendor: cisco model: small business rv340
vendor: cisco model: rv345p dual wan gigabit vpn routers