VARIoT latest news about IoT security

New Go-based Zerobot Botnet Exploiting Dozen of IoT Vulnerabilities to Expand its Network Trust: 3.0 Fetched: Dec. 7, 2022, 9:15 a.m., Published: Dec. 7, 2022, 4:03 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

d-link

model:

dns-320

The State of TCP/IP Security: What Project Memoria Foretold - Forescout Trust: 3.75 Fetched: Dec. 7, 2022, 9:14 a.m., Published: Dec. 6, 2022, noon	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

db:

NVD

ids:

CVE-2020-7461, CVE-2020-11899

Samsung December 2022 security update: Eligible devices, vulnerabilities fixed and more - Times of India Trust: 3.0 Fetched: Dec. 7, 2022, 9:13 a.m., Published: Dec. 7, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

galaxy

Remote Code Execution Vulnerabilities Found in F5 Products \| SecurityWeek.Com Related entries in the VARIoT vulnerabilities database: VAR-202211-1139, VAR-202211-1118 Trust: 4.0 Fetched: Dec. 7, 2022, 9:13 a.m., Published: Dec. 7, 2022, midnight	Vulnerabilities: privilege escalation, request forgery, code execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-41622, CVE-2022-41800

CyRC Vulnerability Advisory: Remote code execution vulnerabilities in mouse and keyboard apps \| Synopsys Trust: 4.5 Fetched: Dec. 7, 2022, 9:12 a.m., Published: Nov. 30, 2022, 1 p.m.	Vulnerabilities: weak password, code execution

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2022-45477, CVE-2022-45480, CVE-2022-45482, CVE-2022-45483, CVE-2022-45479, CVE-2022-45481, CVE-2022-45478

November-2022-Huawei Phone/Tablet Security Bulletins-Updates-HarmonyOSDevice Related entries in the VARIoT vulnerabilities database: VAR-202210-0355 Trust: 3.75 Fetched: Dec. 7, 2022, 9:12 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

huawei

model:

huawei

db:

NVD

ids:

CVE-2022-20271, CVE-2022-20268, CVE-2022-20399, CVE-2022-25666, CVE-2022-20413, CVE-2022-20341, CVE-2021-0986, CVE-2021-0645, CVE-2022-25664, CVE-2021-0975, CVE-2022-20278, CVE-2022-20292, CVE-2021-39758, CVE-2022-20297, CVE-2022-20324, CVE-2022-20412, CVE-2022-20274, CVE-2022-20423, CVE-2022-20290, CVE-2022-20415, CVE-2022-20421, CVE-2022-25720, CVE-2022-20422, CVE-2022-20302, CVE-2022-20272

How Axonius Customers Can Identify Assets Impacted by OpenSSL Vulnerability CVE-2022-3786 and CVE-2022-3602 Trust: 4.75 Fetched: Dec. 7, 2022, 9:11 a.m., Published: Oct. 31, 2022, midnight	Vulnerabilities: buffer overflow, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-3786, CVE-2022-3602

Anker's Eufy Security Camera Vulnerabilities Trust: 6.0 Fetched: Dec. 6, 2022, 9:21 a.m., Published: Dec. 5, 2022, 1:21 a.m.	Vulnerabilities: memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2022-29504, CVE-2022-29503

Smart inverters’ vulnerability to cyberattacks needs to be identified and countered, according to Concordia researchers - Concordia University Trust: 3.0 Fetched: Dec. 6, 2022, 9:21 a.m., Published: Nov. 29, 2022, 9:51 a.m.	Vulnerabilities: -

Affected products	External IDs

Nvidia patches 29 GPU driver bugs that could lead to code execution, device takeover Trust: 5.0 Fetched: Dec. 6, 2022, 9:20 a.m., Published: Dec. 29, 2022, midnight	Vulnerabilities: code execution, buffer overrun, denial of service...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-42260, CVE-2022-34671, CVE-2022-34669, CVE-2022-34672, CVE-2022-34670, CVE-2022-42261

The FBI Warns of Top Critical Vulnerabilities for Businesses - Alliant Cybersecurity Trust: 3.75 Fetched: Dec. 6, 2022, 9:20 a.m., Published: -	Vulnerabilities: privilege escalation, feature bypass, buffer overflow...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-41049, CVE-2022-4135, CVE-2021-35587, CVE-2022-41091, CVE-2022-41073

All Android devices are in danger… A new vulnerability has emerged \| Daily News GO Trust: 3.0 Fetched: Dec. 6, 2022, 9:19 a.m., Published: Dec. 6, 2022, 5:54 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

A new vulnerability has been discovered that puts almost all Android devices at risk: even system apps are not safe \| Div Bracket Trust: 3.0 Fetched: Dec. 6, 2022, 9:18 a.m., Published: Dec. 5, 2022, 11:37 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Multiple Vulnerabilities in Google Android OS Could Allow for Arbitrary Code Execution Trust: 5.25 Fetched: Dec. 6, 2022, 9:18 a.m., Published: Nov. 30, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

Address Medical Device Vulnerabilities to Protect Healthcare System Cybersecurity - Healthcare Business Today Trust: 3.0 Fetched: Dec. 6, 2022, 9:17 a.m., Published: Dec. 4, 2022, 5:42 p.m.	Vulnerabilities: -

Affected products	External IDs

Google Reveals Spyware Vendor's Use of Samsung Phone Zero-Day Exploits \| SecurityWeek.Com Trust: 4.5 Fetched: Dec. 6, 2022, 9:14 a.m., Published: Dec. 6, 2022, midnight	Vulnerabilities: code execution, information leak

Affected products

External IDs

vendor:	samsung	model:	note
vendor:	google	model:	android
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2021-25337, CVE-2021-25369, CVE-2021-25370

Uncover RF Security Vulnerabilities with SDRs - Embedded Computing Design Trust: 4.25 Fetched: Dec. 6, 2022, 9:13 a.m., Published: Sept. 9, 2022, midnight	Vulnerabilities: replay attack, denial of service, information disclosure

Affected products

External IDs

vendor:

mesh

model:

mesh

Google Rolls Out Emergency Patch for Ninth Zero-Day Chrome Vulnerability of 2022 \| Spiceworks 1 Related entries in the VARIoT vulnerabilities database: VAR-202205-1370, VAR-202203-1921 Trust: 5.25 Fetched: Dec. 6, 2022, 9:12 a.m., Published: Dec. 5, 2022, midnight	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	home

db:

NVD

ids:

CVE-2022-3723, CVE-2022-2856, CVE-2022-0609, CVE-2022-4135, CVE-2022-3075, CVE-2022-2294, CVE-2022-4262, CVE-2022-1364, CVE-2022-1096

Kandji Announces New Device Harmony Platform, Tears Down the Wall Between IT and InfoSec to Keep Enterprise Apple Users Secure and Productive Trust: 3.0 Fetched: Dec. 6, 2022, 9:11 a.m., Published: Oct. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

Vulnerability not yet fixed leaves millions of Android phones at risk - PhoneArena Trust: 4.75 Fetched: Dec. 6, 2022, 9:11 a.m., Published: Dec. 15, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	notes
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	android phone
vendor:	samsung	model:	exynos
vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2022-33917, CVE-2022-36449

VARIoT news about IoT security