Sign-up

VARIoT news about IoT security

Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series | CISA

Trust: 3.0

Fetched: Feb. 23, 2024, 9:44 a.m., Published: Feb. 23, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series
vendor: cisco model: expressway
vendor: cisco model: cisco expressway
vendor: cisco model: expressway series

Cisco Unified Intelligence Center Insufficient Access Contro... - vulnerability database | Vulners.com

Trust: 3.0

Fetched: Feb. 23, 2024, 9:42 a.m., Published: Feb. 21, 2024, 4 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: unified intelligence center
vendor: cisco model: cisco unified intelligence center

Cisco Unified Intelligence Center Insufficient Access Control Vulnerability

Trust: 5.0

Fetched: Feb. 23, 2024, 9:41 a.m., Published: Feb. 21, 2024, 3:57 p.m.
 Vulnerabilities: access control vulnerability
Affected productsExternal IDs
vendor: cisco model: cisco unified intelligence center
vendor: cisco model: unified intelligence center

The Rise of Connected Medical Devices: New Security Risks and How to Mitigate Them

Trust: 3.0

Fetched: Feb. 23, 2024, 9:40 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Apple Shortcuts Zero-Click Vulnerability Enables Covert Data Theft - VULNERA

Trust: 3.75

Fetched: Feb. 23, 2024, 9:34 a.m., Published: Feb. 22, 2024, 8:39 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: webkit
vendor: apple model: watchos
vendor: apple model: icloud
vendor: apple model: safari
vendor: apple model: macos
db: NVD ids: CVE-2024-23204, CVE-2024-23222

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers - BU-CERT

Trust: 4.25

Fetched: Feb. 23, 2024, 9:32 a.m., Published: Feb. 19, 2024, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2023-52160, CVE-2023-52161

Apple's reply on device vulnerability not totally clear: MoS IT on iPhone alert to MPs

Trust: 3.25

Fetched: Feb. 23, 2024, 9:31 a.m., Published: Feb. 19, 2024, 10:48 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Study highlights security vulnerabilities in the smart home - CNET

Trust: 3.25

Fetched: Feb. 23, 2024, 9:22 a.m., Published: Feb. 1, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: nest model: learning thermostat
vendor: chamberlain model: myq garage
vendor: chamberlain model: myq gateway

Siemens SIMATIC HMI Devices Vulnerabilities (Update E) | CISA

Related entries in the VARIoT vulnerabilities database: VAR-201504-0235, VAR-201504-0031, VAR-201504-0234

Trust: 4.75

Fetched: Feb. 23, 2024, 9:22 a.m., Published: Feb. 23, 2023, midnight
 Vulnerabilities: resource exhaustion
Affected productsExternal IDs
vendor: siemens model: simatic
vendor: siemens model: simatic hmi multi panels
vendor: siemens model: simatic wincc
vendor: siemens model: simatic hmi
vendor: siemens model: wincc
vendor: siemens model: simatic pcs 7
vendor: siemens model: wincc tia portal
vendor: siemens model: simatic net
vendor: siemens model: simatic wincc runtime
vendor: siemens model: simatic wincc comfort
vendor: siemens model: simatic wincc runtime professional
vendor: siemens model: pcs 7
vendor: siemens model: simatic hmi basic panels 2nd generation
vendor: siemens model: wincc runtime advanced
vendor: siemens model: simatic hmi comfort panels
vendor: siemens model: simatic net pc-software
vendor: siemens model: simatic hmi mobile panel 277
vendor: siemens model: simatic hmi mobile panel
vendor: siemens model: simatic net pc
vendor: siemens model: simatic hmi panels
vendor: siemens model: tia portal
vendor: siemens model: simatic wincc runtime advanced
vendor: siemens model: simatic automation tool
vendor: siemens model: siemens simatic hmi
vendor: siemens model: simatic pcs
vendor: siemens model: simatic hmi basic panels 1st generation
db: NVD ids: CVE-2015-2823, CVE-2015-1601, CVE-2015-2822

CVE-2024-20253: Cisco Unified Comms Remote Code Execution Vulnerability

Trust: 5.75

Fetched: Feb. 21, 2024, 10:30 a.m., Published: Feb. 21, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: packaged contact center enterprise
vendor: cisco model: unified contact center express
vendor: cisco model: unified communications manager im & presence service
vendor: cisco model: unity
vendor: cisco model: virtualized voice browser
vendor: cisco model: unified communications manager
vendor: cisco model: unity connection
vendor: cisco model: unified communications
vendor: cisco model: cisco unified communications manager
vendor: cisco model: unified contact center enterprise
db: NVD ids: CVE-2024-20253

Juniper Junos OS Vulnerability (JSA75723) | Tenable®

Trust: 4.0

Fetched: Feb. 21, 2024, 10:29 a.m., Published: June 21, 2024, midnight
 Vulnerabilities: denial of service, process crash
Affected productsExternal IDs
db: NVD ids: CVE-2024-21585

ZDI-24-120: X.Org Server XISendDeviceHierarchyEvent Heap-based Buffer Overflow Local Privilege Escalation Vulnerability - Cyber Security News

Trust: 5.0

Fetched: Feb. 21, 2024, 10:28 a.m., Published: Feb. 9, 2024, 6 a.m.
 Vulnerabilities: privilege escalation, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-21885

Can Smart Devices Be Controlled With Remote? - ByRetreat

Trust: 3.5

Fetched: Feb. 21, 2024, 10:24 a.m., Published: Jan. 29, 2024, 4:25 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

Atlassian’s Confluence Data Center and Server Affected by Critical RCE Vulnerability, CVE-2023-22527: Patch Now - SOCRadar® Cyber Intelligence Inc.

Trust: 4.0

Fetched: Feb. 21, 2024, 10:22 a.m., Published: Jan. 29, 2024, 1:36 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21674, CVE-2018-10054, CVE-2023-22527, CVE-2020-26217

System BIOS komputera Alienware Aurora R13 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Feb. 21, 2024, 10:14 a.m., Published: Feb. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

System BIOS komputerów Dell Vostro 5880 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Feb. 21, 2024, 10:13 a.m., Published: Feb. 21, 5880, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

What Cool Things Can You Do With Control4? - ByRetreat

Trust: 3.5

Fetched: Feb. 21, 2024, 10:12 a.m., Published: Jan. 27, 2024, 7:07 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

Is Home Automation the Same as Smart Home? - ByRetreat

Trust: 3.5

Fetched: Feb. 21, 2024, 10:10 a.m., Published: Jan. 26, 2024, 2:56 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

System BIOS komputera Alienware Aurora R13 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Feb. 21, 2024, 10:08 a.m., Published: Feb. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Enterprise Security Design Basic Checklist

Trust: 4.25

Fetched: Feb. 21, 2024, 10:01 a.m., Published: Feb. 3, 2024, midnight
 Vulnerabilities: system crash, privilege escalation, denial of service...
Affected productsExternal IDs
vendor: cisco model: cisco routers
vendor: cisco model: cisco ios
vendor: cisco model: adaptive security appliance
vendor: cisco model: catalyst 6500 series
vendor: cisco model: access points
vendor: cisco model: network admission control
vendor: cisco model: security manager
vendor: cisco model: asa 5510
vendor: cisco model: cisco catalyst 6500 series
vendor: cisco model: series
vendor: cisco model: catalyst 6500
vendor: cisco model: fwsm
vendor: cisco model: ip phones
vendor: cisco model: ciscoworks
vendor: cisco model: access control server
vendor: cisco model: routers
vendor: cisco model: catalyst switches
vendor: cisco model: network access control
vendor: cisco model: router
vendor: cisco model: series switch
vendor: cisco model: guard
vendor: cisco model: intrusion prevention system
vendor: cisco model: catalyst
vendor: cisco model: firewall services module
vendor: cisco model: idsm-2