VARIoT latest news about IoT security

23-055 (December 12, 2023) - Threat Encyclopedia Trust: 3.75 Fetched: Dec. 13, 2023, 9:40 a.m., Published: Dec. 12, 2023, midnight	Vulnerabilities: denial of service, sql injection, path traversal...

Affected products

External IDs

db:

NVD

ids:

CVE-2023-22273, CVE-2023-22275, CVE-2023-35187, CVE-2023-44371, CVE-2023-22272, CVE-2023-48646, CVE-2019-6445, CVE-2023-35185, CVE-2019-6443, CVE-2023-42123

Dell Latitude 7210 2-in-1 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Dec. 13, 2023, 9:39 a.m., Published: Feb. 13, 7210, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	dell	model:	bios

CISA finally removes dud vulnerability from must-patch list • The Register Related entries in the VARIoT vulnerabilities database: VAR-202205-1480, VAR-202205-1549, VAR-202205-1571 Trust: 4.75 Fetched: Dec. 13, 2023, 9:38 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

vendor:	d-link	model:	router
vendor:	d-link	model:	dir-816l

db:

NVD

ids:

CVE-2022-28956, CVE-2022-28955, CVE-2022-28958

IT security update November 2023: Critical vulnerabilities and threats - Greenbone Trust: 5.25 Fetched: Dec. 13, 2023, 9:36 a.m., Published: Nov. 22, 2023, 10:24 a.m.	Vulnerabilities: authentication bypass, privilege escalation, sql injection...

Affected products

External IDs

vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	networks
vendor:	palo	model:	firewall
vendor:	palo	model:	networks
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	security manager
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco ios xe
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2023-20198, CVE-2023-38545, CVE-2023-35187, CVE-2023-20273, CVE-2023-46748, CVE-2023-46747, CVE-2023-34048, CVE-2023-35182, CVE-2023-0568, CVE-2023-34056, CVE-2023-0567, CVE-2023-35185, CVE-2023-3824

Dell Latitude 7290/7390/7490 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.0 Fetched: Dec. 13, 2023, 9:36 a.m., Published: Dec. 11, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	dell	model:	latitude
vendor:	dell	model:	latitude 7290

System BIOS do komputerów Alienware m15/m17 R2 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Dec. 13, 2023, 9:35 a.m., Published: Dec. 8, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Dell G15 5525 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Dec. 13, 2023, 9:34 a.m., Published: Dec. 8, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Electronics \| Free Full-Text \| Detection of Vulnerabilities in Smart Buildings Using the Shodan Tool Related entries in the VARIoT vulnerabilities database: VAR-201706-1000 Trust: 5.0 Fetched: Dec. 13, 2023, 9:31 a.m., Published: Jan. 13, 2023, midnight	Vulnerabilities: denial of service, code injection, side channel attack...

Affected products

External IDs

vendor:	trend	model:	security
vendor:	ecobee	model:	smart thermostat
vendor:	belkin	model:	wemo switch
vendor:	belkin	model:	router
vendor:	essential	model:	phone
vendor:	tp-link	model:	wr841n
vendor:	tp-link	model:	routers
vendor:	tp-link	model:	gateway
vendor:	d-link	model:	d-link dcs-2121
vendor:	d-link	model:	dcs-2121
vendor:	d-link	model:	router
vendor:	rapid	model:	scada
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	siemens	model:	ip camera

db:

NVD

ids:

CVE-2018-1312, CVE-2019-0211, CVE-2018-17199, CVE-2017-15906, CVE-2017-7679, CVE-2019-0220, CVE-2018-15919

WinRAR CVE-2023-38831 Vulnerability: Malware Exploits & APT Attacks Trust: 4.5 Fetched: Dec. 13, 2023, 9:25 a.m., Published: -	Vulnerabilities: session hijacking, file execution, privilege escalation...

Affected products

External IDs

vendor:

rarlab

model:

winrar

db:

NVD

ids:

CVE-2023-38831

System BIOS komputera Dell Precision Rack 7910 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Dec. 13, 2023, 9:24 a.m., Published: Dec. 13, 7910, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

What is Vulnerability Management? \| Kaseya Trust: 3.0 Fetched: Dec. 13, 2023, 9:22 a.m., Published: Jan. 12, 2023, 6:58 p.m.	Vulnerabilities: denial of service

Affected products	External IDs

Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection \| Microsoft Security Blog Related entries in the VARIoT vulnerabilities database: VAR-202108-2056 Trust: 3.75 Fetched: Dec. 13, 2023, 9:19 a.m., Published: Oct. 28, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

db:

NVD

ids:

CVE-2021-30892

7.3.3 Quiz - Cloud, Mobile, and IoT Security Answers Full 100% Trust: 4.25 Fetched: Dec. 13, 2023, 9:17 a.m., Published: Oct. 15, 2023, 11:59 a.m.	Vulnerabilities: injection attack, resource exhaustion, privilege escalation...

Affected products

External IDs

vendor:	rapid	model:	scada
vendor:	clamav	model:	clamav

CVE-2023-38545, CVE-2023-38546: Frequently Asked Questions for New Vulnerabilities in curl - Blog \| Tenable® Trust: 5.0 Fetched: Dec. 13, 2023, 9:16 a.m., Published: Oct. 5, 2023, 12:58 a.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2023-38546, CVE-2023-38545

CVE-2023-20048: Unauthorized Configuration Commands Execution in Cisco Firepower Management Center Trust: 3.75 Fetched: Dec. 13, 2023, 9:16 a.m., Published: Nov. 1, 2023, 6:15 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco firepower management center

db:

NVD

ids:

CVE-2023-20048

System BIOS komputera Dell Precision Rack 7910 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Dec. 13, 2023, 9:15 a.m., Published: Dec. 13, 7910, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Qualcomm Vulnerabilities in Android Devices \| Lookout Threat Intelligence Related entries in the VARIoT vulnerabilities database: VAR-202312-0888 Trust: 4.0 Fetched: Dec. 13, 2023, 9:07 a.m., Published: Dec. 12, 2023, midnight	Vulnerabilities: integer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2023-33063, CVE-2023-33106, CVE-2023-33107

Distributed Denial-of-Service (DDoS) Attack - Source Defense Trust: 3.0 Fetched: Dec. 12, 2023, 9:50 a.m., Published: -	Vulnerabilities: denial of service

Affected products	External IDs

Google Bug Bounty Program: Protecting Your Android Device - USA Herald Trust: 3.5 Fetched: Dec. 12, 2023, 9:50 a.m., Published: Dec. 9, 2023, 11:55 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Citrix Bleed and Monitoring Network Devices - Malware News - Malware Analysis, News and Indicators Trust: 4.5 Fetched: Dec. 12, 2023, 9:48 a.m., Published: Dec. 5, 2023, 5:10 p.m.	Vulnerabilities: memory corruption, command injection, default credentials

Affected products

External IDs

vendor:	citrix	model:	netscaler
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2023-4966

VARIoT news about IoT security