Sign-up

VARIoT news about IoT security

Nozomi Networks Publishes Vulnerabilities in Siemens Desigo Devices

Related entries in the VARIoT vulnerabilities database: VAR-202210-0387, VAR-202210-0385, VAR-202210-0386, VAR-202210-0382, VAR-202210-0383, VAR-202210-0388, VAR-202210-0384

Trust: 3.5

Fetched: Nov. 8, 2022, 9:25 a.m., Published: Oct. 19, 2022, 8:36 p.m.
 Vulnerabilities: cross-site scripting, request forgery, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2022-40177, CVE-2022-40179, CVE-2022-40180, CVE-2022-40181, CVE-2022-40182, CVE-2022-40176, CVE-2022-40178

Cisco Patches High-Severity Vulnerability in Security Solutions | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202201-0872, VAR-202204-1722

Trust: 4.0

Fetched: Nov. 8, 2022, 9:24 a.m., Published: Nov. 8, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: asa 5508-x
vendor: cisco model: adaptive security device manager
vendor: cisco model: security device manager
vendor: cisco model: firepower
vendor: cisco model: adaptive security appliance
vendor: cisco model: clientless ssl vpn
vendor: cisco model: asa 5506h-x
vendor: cisco model: ios xr
vendor: cisco model: firepower 2100
vendor: cisco model: asa 5506-x
vendor: cisco model: asa software
vendor: cisco model: asa 5516-x
vendor: cisco model: series
vendor: cisco model: asa 5506w-x
vendor: cisco model: firepower threat defense
vendor: cisco model: email security appliance
vendor: cisco model: asdm
vendor: cisco model: device manager
db: NVD ids: CVE-2022-20866, CVE-2022-20651, CVE-2022-20713, CVE-2022-20828

EZVIZ - Creating Easy Smart Homes

Trust: 4.75

Fetched: Nov. 8, 2022, 9:22 a.m., Published: Nov. 10, 2022, midnight
 Vulnerabilities: memory initialization vulnerability, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2022-2472, CVE-2022-2471

Android Security Updates Patch Critical Vulnerabilities | SecurityWeek.Com

Trust: 5.5

Fetched: Nov. 8, 2022, 9:22 a.m., Published: Nov. 8, 2022, midnight
 Vulnerabilities: information disclosure, denial of service, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2022-20231, CVE-2022-20364, CVE-2022-20419

Block vulnerable applications (beta) | Microsoft Learn

Trust: 3.0

Fetched: Nov. 8, 2022, 9:22 a.m., Published: Oct. 19, 2022, 9:04 p.m.
 Vulnerabilities: file execution
Affected productsExternal IDs

Android vulnerabilities could allow arbitrary code execution

Related entries in the VARIoT vulnerabilities database: VAR-202210-0329

Trust: 5.75

Fetched: Nov. 8, 2022, 9:21 a.m., Published: Oct. 27, 2022, 9:01 p.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2022-25718, CVE-2022-25748, CVE-2022-20419, CVE-2022-25720

Explained: The vulnerabilities in Apple that India’s IT Minister has flagged - and why you must update your iPhone now | Explained News,The Indian Express

Trust: 4.75

Fetched: Nov. 8, 2022, 9:21 a.m., Published: Aug. 19, 2022, 8:57 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipod touch
vendor: apple model: macos

Critical Vulnerabilities Found in Device42 Asset Management Platform | SecurityWeek.Com

Trust: 6.0

Fetched: Nov. 8, 2022, 9:20 a.m., Published: Nov. 8, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco nx-os
vendor: cisco model: nx-os
vendor: cisco model: nexus
db: NVD ids: CVE-2022-1400, CVE-2022-1399, CVE-2022-1401

Microsoft Defender for Endpoint - Mobile Threat Defense | Microsoft Learn

Trust: 3.0

Fetched: Nov. 8, 2022, 9:20 a.m., Published: Sept. 29, 2022, 10:52 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

What is the new serious Apple vulnerability and how do you protect yourself from it? | Science & Tech News | Sky News

Trust: 3.0

Fetched: Nov. 8, 2022, 9:20 a.m., Published: Aug. 22, 2022, 7:13 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos

Critical RCE Vulnerability Affects Zyxel NAS Devices - Firmware Patch Released

Related entries in the VARIoT vulnerabilities database: VAR-202207-1385, VAR-202207-1298

Trust: 5.5

Fetched: Nov. 8, 2022, 9:19 a.m., Published: Sept. 7, 2022, 5:28 a.m.
 Vulnerabilities: directory traversal, privilege escalation, format string vulnerability...
Affected productsExternal IDs
vendor: zyxel model: nas542
vendor: zyxel model: nas540
vendor: zyxel model: nas326
vendor: qnap model: photo station
db: NVD ids: CVE-2022-2030, CVE-2022-34747, CVE-2022-0823, CVE-2022-30526

Lorenz Ransomware Gang Exploits Mitel VoIP Appliance Vulnerability in Attacks | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202204-1874

Trust: 6.0

Fetched: Nov. 8, 2022, 9:18 a.m., Published: Nov. 8, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: mitel model: mivoice connect
db: NVD ids: CVE-2022-29499

Detecting Vulnerability on IoT Device Firmware: A Survey

Trust: 4.25

Fetched: Nov. 8, 2022, 9:15 a.m., Published: Nov. 7, 2022, midnight
 Vulnerabilities: integer overflow, denial of service, code execution...
Affected productsExternal IDs
vendor: samsung smartthings model: printer
vendor: samsung smartthings model: printers
vendor: samsung model: printer
vendor: samsung model: printers

EZVIZ - Notice about Vulnerabilities in Some EZVIZ Products 20220914

Trust: 4.75

Fetched: Nov. 8, 2022, 9:13 a.m., Published: Sept. 14, 2022, midnight
 Vulnerabilities: memory initialization vulnerability, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2022-2472, CVE-2022-2471

Exploits and exploit kits | Microsoft Learn

Related entries in the VARIoT vulnerabilities database: VAR-201601-0030

Trust: 3.0

Fetched: Nov. 8, 2022, 9:12 a.m., Published: Oct. 19, 2022, 9:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2013-1489, CVE-2017-0144, CVE-2016-0778

Medical device vulnerability could let hackers steal Wi-Fi credentials | CSO Online

Trust: 3.75

Fetched: Nov. 8, 2022, 9:10 a.m., Published: Sept. 9, 2022, midnight
 Vulnerabilities: format string vulnerability
Affected productsExternal IDs

Critical WhatsApp Vulnerabilities Allow Attackers Remote Device Hacking

Trust: 3.75

Fetched: Nov. 4, 2022, 8:18 p.m., Published: Sept. 28, 2022, 11:53 a.m.
 Vulnerabilities: memory corruption, integer overflow, privilege escalation...
Affected productsExternal IDs
db: NVD ids: CVE-2022-36934, CVE-2022-27492

Cisco warns of ISE vulnerability with no fixed release or workaround

Related entries in the VARIoT vulnerabilities database: VAR-202210-1641, VAR-202210-1371

Trust: 5.75

Fetched: Nov. 4, 2022, 8:18 p.m., Published: Oct. 27, 2022, 9:06 p.m.
 Vulnerabilities: path traversal, denial of service, cross-site scripting...
Affected productsExternal IDs
vendor: cisco model: meraki mx
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
db: NVD ids: CVE-2022-20959, CVE-2022-20933, CVE-2022-20822

Vulnerabilities in aircraft wireless network devices expose users to hacking - SiliconANGLE

Trust: 5.0

Fetched: Nov. 4, 2022, 8:16 p.m., Published: Sept. 16, 2022, 12:24 a.m.
 Vulnerabilities: default password
Affected productsExternal IDs
db: NVD ids: CVE-2022-36158, CVE-2022-36159

Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684Security Affairs

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198

Trust: 5.75

Fetched: Nov. 4, 2022, 8:13 p.m., Published: Oct. 18, 2022, 7:56 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-40684