Sign-up

VARIoT news about IoT security

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202103-0773

Trust: 4.75

Fetched: Nov. 1, 2023, 9:11 a.m., Published: Nov. 3, 2023, midnight
 Vulnerabilities: privilege escalation, command injection
Affected productsExternal IDs
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198, CVE-2021-1435

6 Best Network Vulnerability Scanning Tools for Security Teams in 2023

Trust: 3.5

Fetched: Nov. 1, 2023, 9:10 a.m., Published: Oct. 20, 2023, 9:47 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: essential model: phone
vendor: manageengine model: network configuration manager

Apple, Google, and Microsoft Just Patched Some Spooky Security Flaws | WIRED UK

Trust: 5.5

Fetched: Nov. 1, 2023, 9:04 a.m., Published: Oct. 31, 2023, 11 a.m.
 Vulnerabilities: information disclosure, denial of service, cross-site scripting...
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: series
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: netscaler gateway
vendor: samsung model: notes
vendor: samsung model: galaxy
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2023-34056, CVE-2023-40129, CVE-2023-34048, CVE-2023-4967, CVE-2023-20273, CVE-2023-42474, CVE-2023-20198, CVE-2023-4966

CVE-2023-35082: Unauthenticated API Access Vulnerability in MobileIron Core

Trust: 3.0

Fetched: Nov. 1, 2023, 9:04 a.m., Published: Aug. 7, 2023, 1:52 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-35078, CVE-2023-35081, CVE-2023-35082

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Trust: 3.5

Fetched: Oct. 31, 2023, 9:28 a.m., Published: Oct. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2022-43677

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Trust: 3.5

Fetched: Oct. 31, 2023, 9:27 a.m., Published: Oct. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2022-43677

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Trust: 3.5

Fetched: Oct. 31, 2023, 9:27 a.m., Published: Oct. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2022-43677

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Trust: 3.5

Fetched: Oct. 31, 2023, 9:27 a.m., Published: Oct. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2022-43677

The Cloud | Russ Harvey Consulting

Trust: 3.5

Fetched: Oct. 31, 2023, 9:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: blackberry model: smartphone
vendor: blackberry model: blackberry
vendor: google model: android
vendor: google model: home
vendor: google model: wifi
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: macos
vendor: trend model: security

Phosphorus Releases Mitigation Solutions for Critical Cisco

Trust: 4.25

Fetched: Oct. 31, 2023, 9:16 a.m., Published: Oct. 17, 2023, midnight
 Vulnerabilities: privilege escalation, default credentials
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: access points
vendor: cisco model: ios xe
vendor: cisco model: routers
db: NVD ids: CVE-2023-20198

Quantum Machine Learning for Security Assessment in IoMT | Encyclopedia MDPI

Trust: 3.75

Fetched: Oct. 31, 2023, 9:16 a.m., Published: Oct. 1, 2023, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

Cisco IOS XE Security Alert: Zero-Days Vulnerability Patched

Trust: 3.75

Fetched: Oct. 31, 2023, 9:15 a.m., Published: Oct. 27, 2023, 5:09 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198, CVE-2023-20273

Exploring the latest injection attack trends in web applications | by Land2Cyber | Oct, 2023 | Medium

Trust: 3.75

Fetched: Oct. 31, 2023, 9:14 a.m., Published: Oct. 31, 2023, midnight
 Vulnerabilities: denial of service, injection attack, command injection...
Affected productsExternal IDs

Exploit released for critical Cisco IOS XE flaw, many hosts still hacked - RedPacket Security

Trust: 3.75

Fetched: Oct. 31, 2023, 9:13 a.m., Published: Oct. 31, 2023, 5:02 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: openresty model: openresty
vendor: cisco model: cisco ios xe
vendor: cisco model: catalyst
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198

Versa Security Bulletin: Cisco IOS XE Web UI Privilege Escalation Vulnerability affecting upwards of 50k devices (patched) - The Versa Networks Blog

Trust: 5.75

Fetched: Oct. 31, 2023, 9:12 a.m., Published: Oct. 26, 2023, 7:16 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: sd-wan
vendor: cisco model: ios xe
vendor: cisco model: routers
db: NVD ids: CVE-2023-20198, CVE-2023-20273

WiFi IoT Device Security Issues Found on ESP32 and ESP8266

Trust: 3.75

Fetched: Oct. 31, 2023, 9:11 a.m., Published: Dec. 18, 2020, 4:16 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2019-12587, CVE-2019-12586, CVE-2019-12588

Cisco IOS XE Privilege Escalation Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202103-0773

Trust: 5.0

Fetched: Oct. 31, 2023, 9:06 a.m., Published: Oct. 3, 2023, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198, CVE-2021-1435

“This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard | Ars Technica

Trust: 4.5

Fetched: Oct. 31, 2023, 9:04 a.m., Published: Oct. 30, 2023, 9:39 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: citrix model: netscaler application delivery controller
vendor: citrix model: application delivery controller
vendor: citrix model: gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
db: NVD ids: CVE-2023-4966

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Trust: 3.5

Fetched: Oct. 29, 2023, 9:26 a.m., Published: Oct. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2022-43677

Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation

Trust: 3.75

Fetched: Oct. 29, 2023, 9:26 a.m., Published: Oct. 3, 2023, 4:58 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
db: NVD ids: CVE-2023-26083, CVE-2023-4863, CVE-2023-33200, CVE-2023-34970, CVE-2023-4211