VARIoT latest news about IoT security

New Apple Vulnerabilities Identified: Top Takeaways from Recent Discovery - Zimperium Trust: 4.5 Fetched: March 10, 2023, 9:27 a.m., Published: March 9, 2023, 6:50 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	iphone
vendor:	apple	model:	macos

10 Most Common Types of Cyber Attacks Today \| CrowdStrike Trust: 3.25 Fetched: March 10, 2023, 9:26 a.m., Published: March 8, 2023, 5:22 p.m.	Vulnerabilities: brute force attack, code injection, denial of service...

Affected products

External IDs

vendor:	nokia	model:	series
vendor:	nokia	model:	impact
vendor:	essential	model:	phone

Apple fixes new WebKit zero-day exploited to hack iPhones, Macs Related entries in the VARIoT vulnerabilities database: VAR-202302-1097, VAR-202302-1169 Trust: 5.5 Fetched: March 10, 2023, 9:25 a.m., Published: -	Vulnerabilities: use after free, code execution

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	safari
vendor:	apple	model:	webkit
vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2023-23529, CVE-2023-23514

3 Types of Vulnerability Scanners Explained \| Datamation Trust: 4.25 Fetched: March 10, 2023, 9:25 a.m., Published: March 8, 2023, 9:20 p.m.	Vulnerabilities: command injection, cross-site scripting

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend	model:	antivirus
vendor:	google	model:	home

5 Reasons You Should Care About Unmanaged Assets Trust: 3.75 Fetched: March 10, 2023, 9:24 a.m., Published: March 23, 2023, midnight	Vulnerabilities: default credentials

Affected products	External IDs

Recent Data Breaches - 2023 Trust: 3.5 Fetched: March 10, 2023, 9:23 a.m., Published: March 9, 2023, 11:08 p.m.	Vulnerabilities: session hijacking

Affected products

External IDs

vendor:	samsung	model:	note
vendor:	samsung	model:	mobile
vendor:	apple	model:	safari
vendor:	apple	model:	webkit
vendor:	apple	model:	macos

Android Update Fixes Critical Vulnerabilities \| SecureTeam Related entries in the VARIoT vulnerabilities database: VAR-202303-0155 Trust: 4.75 Fetched: March 10, 2023, 9:23 a.m., Published: March 8, 2023, 12:25 p.m.	Vulnerabilities: buffer overflow, memory corruption, improper validation...

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2023-20954, CVE-2023-20951, CVE-2022-33256, CVE-2022-33213

Top 10 Cybersecurity Threats in 2023 \| Embroker Trust: 3.75 Fetched: March 10, 2023, 9:22 a.m., Published: Jan. 26, 2022, 3:10 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

BitSight identifies thousands of organizations using Internet-facing and exposed webcams \| BitSight Trust: 3.75 Fetched: March 10, 2023, 9:22 a.m., Published: March 9, 2023, midnight	Vulnerabilities: access control vulnerability

Affected products

External IDs

db:

NVD

ids:

CVE-2022-34150

Android Critical Vulnerabilities CVE-2023-20951 and CVE-2023-20954: Description, Impact, Vulnerable Devices, and Mitigation Trust: 5.0 Fetched: March 10, 2023, 9:21 a.m., Published: March 3, 2023, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2023-20954, CVE-2023-20951

Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610) - Help Net Security Trust: 5.25 Fetched: March 10, 2023, 9:21 a.m., Published: March 9, 2023, 11:11 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

fortigate

model:

fortios

db:

NVD

ids:

CVE-2023-25610

Vulnerability scanner for Linux \| Intruder Related entries in the VARIoT vulnerabilities database: VAR-202203-0043, VAR-202101-1926 Trust: 4.5 Fetched: March 10, 2023, 9:20 a.m., Published: May 10, 2023, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend	model:	antivirus

db:

NVD

ids:

CVE-2022-0847, CVE-2021-41073, CVE-2021-3156

Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability Trust: 5.0 Fetched: March 10, 2023, 9:19 a.m., Published: March 8, 2023, 3:32 p.m.	Vulnerabilities: information disclosure

Affected products

External IDs

vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	ios xr

Akuvox Smart Intercom Vulnerabilities Leave Privacy Ajar \| Claroty Trust: 4.75 Fetched: March 10, 2023, 9:19 a.m., Published: March 9, 2023, midnight	Vulnerabilities: command injection, default password, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-0348, CVE-2023-0351, CVE-2023-0354

Update Android now! Two critical vulnerabilities patched Related entries in the VARIoT vulnerabilities database: VAR-202303-0155 Trust: 5.75 Fetched: March 10, 2023, 9:18 a.m., Published: March 9, 2023, 1:43 p.m.	Vulnerabilities: memory corruption, information disclosure, code execution...

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2022-33256, CVE-2023-20951, CVE-2021-33655, CVE-2022-33213, CVE-2023-20954

Critical Vulnerability in Cisco IP Phones Trust: 3.25 Fetched: March 10, 2023, 9:18 a.m., Published: March 10, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

cisco

model:

ip phones

Fortinet Admits Many Devices Still Unprotected Against Exploited Vulnerability - SecurityWeek Related entries in the VARIoT vulnerabilities database: VAR-202210-0198 Trust: 4.0 Fetched: March 10, 2023, 9:17 a.m., Published: Jan. 23, 2023, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2022-40684

Electronics \| Free Full-Text \| Analysis of Consumer IoT Device Vulnerability Quantification Frameworks Trust: 4.0 Fetched: March 10, 2023, 9:13 a.m., Published: Jan. 10, 2023, midnight	Vulnerabilities: code execution, code injection, data injection...

Affected products

External IDs

vendor:	symantec	model:	system works
vendor:	belkin	model:	router
vendor:	google	model:	google home
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	tp-link	model:	routers
vendor:	tp-link	model:	gateway
vendor:	trend	model:	security

Netgear RAX30 Multiple Vulnerabilities - Research Advisory \| Tenable® Trust: 4.5 Fetched: March 10, 2023, 9:13 a.m., Published: March 8, 2023, 9:22 p.m.	Vulnerabilities: request forgery, cross-site request forgery, code execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-27851, CVE-2023-27852, CVE-2023-1205, CVE-2023-27850, CVE-2023-27853

New Vulnerabilities Found in TPM 2.0 Library That Could be a Potential Threat to Billions of Devices \| TechPowerUp Forums Trust: 3.0 Fetched: March 8, 2023, 9:12 a.m., Published: March 2, 2023, midnight	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2023-1017, CVE-2023-1018

VARIoT news about IoT security