Sign-up

VARIoT news about IoT security

Apple warns of three Zero-Day Vulnerabilities affecting iPhones, iPads, and Macs - IT World Canada

Related entries in the VARIoT vulnerabilities database: VAR-202306-0582

Trust: 6.0

Fetched: Feb. 24, 2023, 9:17 a.m., Published: Feb. 23, 2023, 1:13 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2023-12345, CVE-2023-23456, CVE-2023-34567

Vulnerability | Breaking Cybersecurity News | The Hacker News

Trust: 4.0

Fetched: Feb. 24, 2023, 9:16 a.m., Published: Feb. 23, 2023, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2022-41903, CVE-2022-23521

Mirai malware variant V3G4 enables remote access to IoT devices via vulnerabilities | Born's Tech and Windows World

Trust: 3.75

Fetched: Feb. 24, 2023, 9:16 a.m., Published: Feb. 23, 2023, 12:29 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks

Google has a new breakthrough to show why Android is better than iOS devices | TechRadar

Trust: 4.75

Fetched: Feb. 24, 2023, 9:16 a.m., Published: Feb. 22, 2023, 5:04 p.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: google model: android

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices

Related entries in the VARIoT vulnerabilities database: VAR-202302-2044, VAR-202302-2240, VAR-202302-2045

Trust: 4.75

Fetched: Feb. 24, 2023, 9:15 a.m., Published: Feb. 22, 2023, 12:56 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: iphone
db: NVD ids: CVE-2023-23520, CVE-2023-23531, CVE-2023-23530

12 Mobile App Scanner to Find Security Vulnerabilities

Trust: 4.5

Fetched: Feb. 24, 2023, 9:14 a.m., Published: Dec. 26, 2016, 12:07 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
vendor: google model: android
vendor: google model: chrome

[no-title]

Trust: 3.5

Fetched: Feb. 24, 2023, 9:14 a.m., Published: Aug. 17, 2021, 1:27 p.m.
 Vulnerabilities: code execution, device impersonation
Affected productsExternal IDs
db: NVD ids: CVE-2021-28372

Microsoft delivers 75-count box of patches for Tuesday • The Register

Related entries in the VARIoT vulnerabilities database: VAR-202302-1440, VAR-202302-1349, VAR-202302-1474, VAR-202302-1442, VAR-202302-1248, VAR-202302-1249, VAR-202302-1616, VAR-202302-1219, VAR-202302-1373, VAR-202302-1401, VAR-202302-1348

Trust: 4.5

Fetched: Feb. 24, 2023, 9:13 a.m., Published: -
 Vulnerabilities: privilege escalation, security feature bypass, code execution...
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: safari
vendor: apple model: webkit
vendor: apple model: macos
vendor: trend micro model: security
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2022-36287, CVE-2022-36397, CVE-2022-29523, CVE-2022-41314, CVE-2022-41614, CVE-2022-36416, CVE-2022-36382, CVE-2022-33196, CVE-2022-21216, CVE-2021-33104, CVE-2022-27234, CVE-2022-30339, CVE-2022-38090, CVE-2022-21163, CVE-2022-27808, CVE-2022-38056, CVE-2022-36369, CVE-2022-27677, CVE-2022-27672

Cisco IOx Application Hosting Environment Command Injection Vulnerability - Cisco

Trust: 3.75

Fetched: Feb. 24, 2023, 9:13 a.m., Published: Feb. 22, 2023, 10:04 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe software
vendor: cisco model: cisco iox
vendor: cisco model: iox application
vendor: cisco model: cisco iox application

Cisco Nexus Dashboard Cross-Site Scripting Vulnerability

Trust: 5.25

Fetched: Feb. 24, 2023, 9:12 a.m., Published: Feb. 15, 2023, 3:53 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: cisco model: nexus

Teltonika - IoT, Internet of Things

Trust: 4.0

Fetched: Feb. 24, 2023, 9:12 a.m., Published: Feb. 7, 2023, 8:15 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

The code that wasn't there: Reading memory on an Android device by accident | The GitHub Blog

Related entries in the VARIoT vulnerabilities database: VAR-202210-0355

Trust: 4.25

Fetched: Feb. 24, 2023, 9:11 a.m., Published: Feb. 17, 2023, 1:26 p.m.
 Vulnerabilities: memory corruption, information leak
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: notes
vendor: samsung model: samsung galaxy
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2022-25664

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

Trust: 5.0

Fetched: Feb. 24, 2023, 9:11 a.m., Published: Feb. 15, 2023, 3:53 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine

Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices - Parrot CTFs Blog

Trust: 3.75

Fetched: Feb. 22, 2023, 9:08 a.m., Published: Feb. 1, 2023, 12:42 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo alto networks model: networks

Many Cacti servers are vulnerable to attack as they fail to patch critical vulnerabilities - Parrot CTFs Blog

Trust: 5.5

Fetched: Feb. 22, 2023, 9:08 a.m., Published: Jan. 27, 2023, 7:08 p.m.
 Vulnerabilities: command injection, string attack
Affected productsExternal IDs
db: NVD ids: CVE-2022-46169

New Mirai botnet variant V3G4 targets Linux servers, IoT devices -

Related entries in the VARIoT vulnerabilities database: VAR-202206-0004, VAR-202002-1447, VAR-202006-1056

Trust: 5.75

Fetched: Feb. 22, 2023, 9:08 a.m., Published: Feb. 18, 2023, 11:23 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: draytek model: vigor
db: NVD ids: CVE-2019-15107, CVE-2022-4257, CVE-2022-26134, CVE-2012-4869, CVE-2020-8515, CVE-2020-15415

U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog - BEKER

Related entries in the VARIoT vulnerabilities database: VAR-202211-1679, VAR-202211-1570

Trust: 5.75

Fetched: Feb. 22, 2023, 9:07 a.m., Published: Feb. 22, 2023, 5:38 a.m.
 Vulnerabilities: code execution, authentication bypass, information disclosure...
Affected productsExternal IDs
vendor: mitel model: mivoice connect
db: NVD ids: CVE-2022-26377, CVE-2023-0669, CVE-2022-40765, CVE-2022-41223, CVE-2022-47986, CVE-2022-31813

Security Researchers Delve Into Major Vulnerability Patched in iOS 16.

Related entries in the VARIoT vulnerabilities database: VAR-202302-2045, VAR-202302-2240

Trust: 4.75

Fetched: Feb. 22, 2023, 9:07 a.m., Published: Feb. 16, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
db: NVD ids: CVE-2023-23530, CVE-2023-23531

Mirai Botnet Variant Vg34 Attacks IoT Devices through Multiple Exploits - WinBuzzer

Trust: 5.0

Fetched: Feb. 22, 2023, 9:06 a.m., Published: Feb. 18, 2023, 8:42 p.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: palo model: networks

Vulnerability in Security: A Complete Overview | Simplilearn

Trust: 3.75

Fetched: Feb. 22, 2023, 9:06 a.m., Published: Feb. 9, 2022, 5:54 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs