Sign-up

VARIoT news about IoT security

Attacks Targeting Realtek SDK Vulnerability Ramping Up - SecurityWeek

Trust: 5.75

Fetched: Jan. 27, 2023, 9:09 a.m., Published: Jan. 24, 2023, 2:47 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: realtek model: realtek sdk
vendor: palo model: networks
vendor: huawei model: huawei
vendor: asus model: routers
vendor: asus model: asus
vendor: palo alto networks model: networks
vendor: tp-link model: routers
db: NVD ids: CVE-2021-35394

BMC Firmware Vulnerabilities Expose OT, IoT Devices to Remote Attacks - SecurityWeek

Trust: 3.5

Fetched: Jan. 27, 2023, 9:08 a.m., Published: Nov. 22, 2022, midnight
 Vulnerabilities: code execution, access control issue, command injection
Affected productsExternal IDs
vendor: asus model: asus
vendor: asus model: bmc firmware
vendor: lenovo model: system

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability - McHugo.com

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 3.75

Fetched: Jan. 26, 2023, 10:23 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipod touch
vendor: apple model: iphone
vendor: apple model: webkit
vendor: apple model: tvos
vendor: apple model: watchos
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: macos
db: NVD ids: CVE-2022-42856

Apple releases updates for older devices to fix an actively exploited vulnerability -

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 4.75

Fetched: Jan. 26, 2023, 10:23 a.m., Published: Jan. 24, 2023, 9:21 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: tvos
db: NVD ids: CVE-2022-42856

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability - Domedigita

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 5.75

Fetched: Jan. 26, 2023, 10:20 a.m., Published: July 27, 2018, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: tvos
db: NVD ids: CVE-2022-42856

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability - BEKER

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 5.75

Fetched: Jan. 26, 2023, 10:20 a.m., Published: Jan. 24, 2023, 9:21 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: tvos
db: NVD ids: CVE-2022-42856

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability - Infocerts LLP

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 6.25

Fetched: Jan. 26, 2023, 10:19 a.m., Published: Jan. 25, 2023, 3:24 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
db: NVD ids: CVE-2022-42856

Hackers exploited vulnerability in Fortinet devices - On Universal.com

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.0

Fetched: Jan. 26, 2023, 10:19 a.m., Published: Jan. 25, 2023, 3:16 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

Apple Patches Critical Security Vulnerabilities Actively Exploited In The Wild - Binary Defense

Trust: 3.0

Fetched: Jan. 26, 2023, 10:19 a.m., Published: Jan. 12, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: safari
vendor: apple model: macos

Decade-old iPhones get security updates

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 4.75

Fetched: Jan. 26, 2023, 10:18 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: tvos
db: NVD ids: CVE-2022-42856

Apple Rolls Out Software Updates With Critical Security Fixes for Older iPhone, iPad, MacBook Models | Technology News

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 3.75

Fetched: Jan. 26, 2023, 10:18 a.m., Published: Jan. 25, 2023, 9:50 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: macos
vendor: apple model: macbook
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2022-42856

Global Cybersecurity Market Analysis Report 2022-2027 - Increasing Focus on Solution-centric Security Capabilities and Rising Vulnerabilities on Endpoint Devices

Trust: 3.75

Fetched: Jan. 26, 2023, 10:17 a.m., Published: Jan. 24, 2023, 11:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: intrusion prevention system
vendor: rising model: antivirus
vendor: symantec model: data loss prevention
vendor: symantec model: antivirus
vendor: check point model: check point
vendor: symantec corporation model: data loss prevention
vendor: symantec corporation model: antivirus
vendor: cisco systems model: intrusion prevention system
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: check point software technologies model: check point

Chinese hackers exploit zero-day vulnerabilities in networking devices - Sentinelassam

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.25

Fetched: Jan. 26, 2023, 10:17 a.m., Published: Jan. 23, 2023, 5:44 a.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: fortigate model: fortios
vendor: google model: nexus
db: NVD ids: CVE-2022-42475

Two Vulnerabilities Found in Galaxy App Store - Infosecurity Magazine

Related entries in the VARIoT vulnerabilities database: VAR-202302-0598, VAR-202302-0502

Trust: 3.75

Fetched: Jan. 26, 2023, 10:16 a.m., Published: Jan. 23, 2023, 5 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: google model: android
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2023-21433, CVE-2023-21434

Apple Fixes Actively Exploited iOS Zero-Day on iPhones, iPads

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 3.75

Fetched: Jan. 26, 2023, 10:11 a.m., Published: Jan. 25, 2023, 2:37 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipod touch
vendor: apple model: iphone
vendor: apple model: webkit
vendor: apple model: ipad
db: NVD ids: CVE-2022-42856

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Trust: 3.5

Fetched: Jan. 26, 2023, 10:11 a.m., Published: Jan. 25, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Chinese hackers exploit zero-day vulnerabilities in networking devices, CIO News, ET CIO

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.25

Fetched: Jan. 26, 2023, 10:10 a.m., Published: Jan. 23, 2023, 3:42 a.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: fortigate model: fortios
vendor: google model: nexus
db: NVD ids: CVE-2022-42475

Many ICS flaws remain unpatched as attacks against critical infrastructure rise - Reseller News

Trust: 3.5

Fetched: Jan. 26, 2023, 10:07 a.m., Published: Jan. 26, 2023, midnight
 Vulnerabilities: improper access control, buffer overflow, cross-site scripting...
Affected productsExternal IDs
vendor: trend model: security

IoT vendors faulted for slow progress in setting up vulnerability disclosure programs | The Daily Swig

Trust: 3.75

Fetched: Jan. 26, 2023, 10:06 a.m., Published: Jan. 24, 2023, 1:22 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: trend model: security
vendor: huawei model: huawei

How to get system shell access on any Samsung Galaxy device

Trust: 3.5

Fetched: Jan. 26, 2023, 10:05 a.m., Published: Jan. 24, 2023, 7:42 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: samsung model: knox
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: google model: android