VARIoT latest news about IoT security

VMware Aria Automation Access Control Vulnerability (VMSA-2024... \| Tenable® Trust: 3.25 Fetched: Jan. 23, 2024, 10:11 a.m., Published: Jan. 23, 2024, midnight	Vulnerabilities: access control vulnerability

Affected products	External IDs

Hackers Exploit QNAP Devices: Active Exploitation of QNAP VioStor NVR Vulnerability Discovered \| B2Bdaily.com Trust: 3.5 Fetched: Jan. 23, 2024, 10:11 a.m., Published: Dec. 26, 2023, 12:44 p.m.	Vulnerabilities: command injection, default credentials, os command injection...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-47565

CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog Trust: 4.0 Fetched: Jan. 23, 2024, 10:05 a.m., Published: Jan. 23, 2024, 8 a.m.	Vulnerabilities: command execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-34048, CVE-2023-20867

Agent Tesla exploits MS Excel flaw in ongoing phishing attacks Trust: 4.5 Fetched: Jan. 23, 2024, 10:04 a.m., Published: Jan. 3, 2024, midnight	Vulnerabilities: code execution, code insertion, code injection

Affected products

External IDs

vendor:

trend

model:

security

db:

NVD

ids:

CVE-2020-14883, CVE-2017-11882, CVE-2023-49070

Apple releases iOS 17.3 with Stolen Device Protection and an important WebKit fix - HardwareZone.com.sg Trust: 3.0 Fetched: Jan. 23, 2024, 9:53 a.m., Published: Jan. 17, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	icloud
vendor:	apple	model:	iphone

System BIOS komputerów Dell Inspiron 5400/5401/7700 AIO \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Jan. 23, 2024, 9:53 a.m., Published: Jan. 17, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS komputerów Alienware x15/x17 R2 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Jan. 23, 2024, 9:53 a.m., Published: Jan. 16, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS komputerów Alienware x15/x17 R2 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Jan. 23, 2024, 9:43 a.m., Published: Jan. 16, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS komputera Dell XPS 13 9310 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Jan. 23, 2024, 9:42 a.m., Published: Jan. 16, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS komputera Dell XPS 13 9310 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Jan. 23, 2024, 9:42 a.m., Published: Jan. 16, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now Trust: 5.75 Fetched: Jan. 23, 2024, 9:37 a.m., Published: Jan. 16, 2024, 1:39 p.m.	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	sonicwall	model:	ssl vpn
vendor:	sonicwall	model:	sonicos

db:

NVD

ids:

CVE-2022-22274, CVE-2023-0656

5Ghoul : Unleashing Chaos on 5G Edge Devices Related entries in the VARIoT vulnerabilities database: VAR-202312-0152, VAR-202312-0020, VAR-202312-0073, VAR-202312-0171, VAR-202311-0169, VAR-202312-0055, VAR-202312-0146 Trust: 5.25 Fetched: Jan. 23, 2024, 9:33 a.m., Published: Jan. 5, 2024, midnight	Vulnerabilities: memory access error, denial of service

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	android
vendor:	asus	model:	asus
vendor:	asus	model:	routers
vendor:	asus	model:	router
vendor:	xiaomi	model:	redmi
vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	notes
vendor:	samsung	model:	note
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	mobile phones
vendor:	vivo	model:	modem firmware
vendor:	vivo	model:	modems
vendor:	vivo	model:	modem
vendor:	wireshark	model:	wireshark
vendor:	oneplus	model:	one

db:

NVD

ids:

CVE-2023-33044, CVE-2023-32841, CVE-2023-32843, CVE-2023-33043, CVE-2023-33042, CVE-2023-32844, CVE-2023-32845, CVE-2023-20702, CVE-2023-32846, CVE-2023-32842

Windows Zero-click RCE Flaw - Attackers Exploit Outlook Clients Trust: 4.75 Fetched: Jan. 23, 2024, 9:31 a.m., Published: Dec. 19, 2023, 12:58 p.m.	Vulnerabilities: code execution, security feature bypass, feature bypass...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-36710, CVE-2023-23397, CVE-2023-35384

[2401.12184] Is Your Kettle Smarter Than a Hacker? A Scalable Tool for Assessing Replay Attack Vulnerabilities on Consumer IoT Devices Trust: 3.5 Fetched: Jan. 23, 2024, 9:31 a.m., Published: Jan. 22, 2024, midnight	Vulnerabilities: replay attack

Affected products	External IDs

iOS 17.3 released, closes 0-day \| Born's Tech and Windows World Trust: 3.75 Fetched: Jan. 23, 2024, 9:31 a.m., Published: Jan. 23, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2024-23222

Bluetooth Flaw Let Hackers Takeover of iOS & Android Devices Trust: 3.0 Fetched: Jan. 23, 2024, 9:25 a.m., Published: Jan. 21, 2024, 4:06 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

broadcom

model:

linux

About the security content of iOS 17.3 and iPadOS 17.3 - Apple Support Trust: 5.25 Fetched: Jan. 23, 2024, 9:19 a.m., Published: Jan. 17, 2024, midnight	Vulnerabilities: code execution, memory corruption

Affected products

External IDs

vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad
vendor:	apple	model:	safari
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2024-23223, CVE-2024-23215, CVE-2024-23212, CVE-2024-23219, CVE-2024-23218, CVE-2024-23211, CVE-2024-23204, CVE-2024-23206, CVE-2024-23214, CVE-2024-23210, CVE-2024-23222, CVE-2024-23213, CVE-2024-23208, CVE-2024-23207, CVE-2024-23203, CVE-2024-23217

Apple fixes urgent zero-day flaw - update your iPhone and Mac right now \| Tom's Guide Trust: 3.75 Fetched: Jan. 23, 2024, 9:18 a.m., Published: Jan. 22, 2024, 9:58 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	apple	model:	safari
vendor:	apple	model:	tvos
vendor:	apple	model:	ipad
vendor:	apple	model:	webkit
vendor:	apple	model:	apple tv
vendor:	apple	model:	macos
vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2024-23222

System BIOS komputera Dell XPS 9305 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Jan. 21, 2024, 10:34 a.m., Published: Jan. 21, 9305, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

15 FREE Website Security Scanner to Find Vulnerabilities and Malware - Geekflare Trust: 3.5 Fetched: Jan. 21, 2024, 10:34 a.m., Published: Feb. 12, 2015, 6:21 p.m.	Vulnerabilities: local file inclusion, command injection, cross-site scripting...

Affected products	External IDs

VARIoT news about IoT security