VARIoT latest news about IoT security

Severe vulnerabilities found in most industrial controllers Trust: 3.75 Fetched: Dec. 20, 2022, 9:24 a.m., Published: Dec. 26, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

webkit

Cisco Reports Critical IP Phone Vulnerability \| Southwest Networks, Inc. Related entries in the VARIoT vulnerabilities database: VAR-202212-0864 Trust: 4.5 Fetched: Dec. 20, 2022, 9:23 a.m., Published: -	Vulnerabilities: code execution, denial of service

Affected products

External IDs

vendor:	cisco	model:	ip phone
vendor:	cisco	model:	ip phone 7800
vendor:	cisco	model:	link layer discovery protocol
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2022-20968

Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth Trust: 5.5 Fetched: Dec. 20, 2022, 9:23 a.m., Published: Dec. 7, 2022, 8 p.m.	Vulnerabilities: information disclosure, code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	samsung	model:	mobile
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	android phone

db:

NVD

ids:

CVE-2022-20498, CVE-2022-20473, CVE-2022-20411, CVE-2022-20472

Cisco Reports Critical IP Phone Vulnerability \| InTech IT Solutions Related entries in the VARIoT vulnerabilities database: VAR-202212-0864 Trust: 4.5 Fetched: Dec. 20, 2022, 9:23 a.m., Published: -	Vulnerabilities: code execution, denial of service

Affected products

External IDs

vendor:	cisco	model:	ip phone
vendor:	cisco	model:	ip phone 7800
vendor:	cisco	model:	link layer discovery protocol
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2022-20968

Cisco Reports Critical IP Phone Vulnerability \| Computer Sales and Services Related entries in the VARIoT vulnerabilities database: VAR-202212-0864 Trust: 4.5 Fetched: Dec. 20, 2022, 9:22 a.m., Published: -	Vulnerabilities: code execution, denial of service

Affected products

External IDs

vendor:	cisco	model:	ip phone
vendor:	cisco	model:	ip phone 7800
vendor:	cisco	model:	link layer discovery protocol
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2022-20968

Cisco Reports Critical IP Phone Vulnerability \| Computer Breakthrough Related entries in the VARIoT vulnerabilities database: VAR-202212-0864 Trust: 4.5 Fetched: Dec. 20, 2022, 9:22 a.m., Published: -	Vulnerabilities: code execution, denial of service

Affected products

External IDs

vendor:	cisco	model:	ip phone
vendor:	cisco	model:	ip phone 7800
vendor:	cisco	model:	link layer discovery protocol
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2022-20968

Vulnerability Assessment Report: A Beginners' Guide Trust: 3.5 Fetched: Dec. 20, 2022, 9:21 a.m., Published: March 28, 2022, 1:40 p.m.	Vulnerabilities: cross-site scripting, sql injection

Affected products

External IDs

vendor:

trend

model:

security

Cisco Reports Critical IP Phone Vulnerability \| ComTech Computer Services, Inc. Related entries in the VARIoT vulnerabilities database: VAR-202212-0864 Trust: 4.5 Fetched: Dec. 20, 2022, 9:21 a.m., Published: -	Vulnerabilities: code execution, denial of service

Affected products

External IDs

vendor:	cisco	model:	ip phone
vendor:	cisco	model:	ip phone 7800
vendor:	cisco	model:	link layer discovery protocol
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2022-20968

Cisco Warns of Many Old Vulnerabilities Being Exploited in Attacks \| SecurityWeek.Com Related entries in the VARIoT vulnerabilities database: VAR-201803-1369, VAR-201709-0655, VAR-201803-1387, VAR-201802-0594 Trust: 4.5 Fetched: Dec. 20, 2022, 9:20 a.m., Published: Dec. 20, 2022, midnight	Vulnerabilities: command execution, arbitrary command execution

Affected products

External IDs

vendor:	cisco	model:	small business rv series routers
vendor:	cisco	model:	series routers
vendor:	cisco	model:	small business
vendor:	cisco	model:	series
vendor:	cisco	model:	hyperflex
vendor:	cisco	model:	ip phone
vendor:	cisco	model:	rv132w
vendor:	cisco	model:	small business rv
vendor:	cisco	model:	rv134w
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	secure access control system
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	routers

db:

NVD

ids:

CVE-2018-0147, CVE-2017-12240, CVE-2018-0171, CVE-2021-1497, CVE-2018-0125

4 over-hyped security vulnerabilities of 2022 Related entries in the VARIoT vulnerabilities database: VAR-202203-1506 Trust: 3.75 Fetched: Dec. 20, 2022, 9:20 a.m., Published: Dec. 4, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-27492, CVE-2022-34718, CVE-2022-22965, CVE-2022-22963, CVE-2022-36934

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability - Cisco Trust: 3.5 Fetched: Dec. 20, 2022, 9:19 a.m., Published: Dec. 16, 2022, 7:33 p.m.	Vulnerabilities: request forgery, cross-site request forgery

Affected products

External IDs

vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	cisco identity services engine

Millions of Android phones may be vulnerable to camera spying vulnerability Trust: 3.0 Fetched: Dec. 20, 2022, 9:19 a.m., Published: May 20, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Update now your devices now! Apple patches actively exploited vulnerability for iPhones Related entries in the VARIoT vulnerabilities database: VAR-202212-1751 Trust: 4.5 Fetched: Dec. 20, 2022, 9:19 a.m., Published: Dec. 16, 2022, 5:57 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	webkit
vendor:	apple	model:	safari
vendor:	apple	model:	ipad
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2022-42856

Security Answers from TechTarget Trust: 3.25 Fetched: Dec. 20, 2022, 9:11 a.m., Published: Dec. 3, 2022, midnight	Vulnerabilities: cross-site scripting, account lockout

Affected products

External IDs

vendor:	trend	model:	antivirus
vendor:	trend	model:	security

Securing Systems Before Going on a Holiday Trust: 3.75 Fetched: Dec. 18, 2022, 9:25 a.m., Published: Dec. 9, 2022, 1:57 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

essential

model:

phone

macOS Activation Lock Vulnerability discovered by r/Mac : apple Trust: 3.0 Fetched: Dec. 18, 2022, 9:25 a.m., Published: March 18, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

Protect Your Network with Zero-Day Threat Protection Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 5.5 Fetched: Dec. 18, 2022, 9:24 a.m., Published: Dec. 9, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security
vendor:	cisco	model:	guard

db:

NVD

ids:

CVE-2021-44228

Critical Update Now To Ios 11 2 2 To Patch Spectre And Meltdown Iphone Vulnerability \| grovetech Related entries in the VARIoT vulnerabilities database: VAR-201801-1712, VAR-201801-0826 Trust: 3.75 Fetched: Dec. 18, 2022, 9:23 a.m., Published: Dec. 14, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	watch
vendor:	apple	model:	ipad
vendor:	apple	model:	iphone
vendor:	apple	model:	ipod touch
vendor:	apple	model:	apple tv
vendor:	apple	model:	safari
vendor:	apple	model:	ipad air
vendor:	apple	model:	webkit

db:

NVD

ids:

CVE-2017-5753, CVE-2017-5715

New Galaxy S22 & A52 update brings latest vulnerability fixes Trust: 3.75 Fetched: Dec. 18, 2022, 9:22 a.m., Published: Dec. 18, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	note
vendor:	google	model:	android

Tenable Discloses Details of Vulnerability Discovered in a NETGEAR Router - Security MEA Trust: 3.0 Fetched: Dec. 18, 2022, 9:22 a.m., Published: Dec. 16, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	netgear	model:	netgear router
vendor:	netgear	model:	router

VARIoT news about IoT security