VARIoT latest news about IoT security

Mobile Security: Threats and Best Practices Trust: 3.25 Fetched: Dec. 27, 2023, 9:25 a.m., Published: Dec. 7, 2020, midnight	Vulnerabilities: cross-site scripting, privilege escalation

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	blackberry	model:	link
vendor:	blackberry	model:	smartphone
vendor:	blackberry	model:	blackberry
vendor:	essential	model:	phone
vendor:	trend	model:	security
vendor:	trend	model:	antivirus

8 Free and Open Source Patch Management Tools Your Company Needs Trust: 3.5 Fetched: Dec. 27, 2023, 9:18 a.m., Published: Feb. 20, 2023, 2 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	apple	model:	macos

CVE-2023-38039 - Security Update Guide - Microsoft - Hackerone: CVE-2023-38039 HTTP headers eat all memory Trust: 4.25 Fetched: Dec. 27, 2023, 9:17 a.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2023-38039

New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices Trust: 3.0 Fetched: Dec. 27, 2023, 9:16 a.m., Published: Dec. 27, 2023, 8:24 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Hackers Exploit Fingerprint Sensor Vulnerabilities to Bypass Windows Hello Trust: 3.75 Fetched: Dec. 27, 2023, 9:15 a.m., Published: Nov. 23, 2023, 1:43 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	lenovo	model:	system
vendor:	lenovo	model:	thinkpad

db:

NVD

ids:

CVE-2021-34466

Update Chrome ASAP to patch this zero-day security flaw \| Android Central Trust: 4.75 Fetched: Dec. 26, 2023, 9:36 a.m., Published: Nov. 30, 2023, 2:12 a.m.	Vulnerabilities: code execution, integer overflow

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2023-6345

Network Defense - My Knowledge Check Answers Trust: 3.25 Fetched: Dec. 26, 2023, 9:34 a.m., Published: Dec. 20, 2023, 10:09 a.m.	Vulnerabilities: account lockout, message forgery

Affected products

External IDs

vendor:	wireshark	model:	wireshark
vendor:	cisco	model:	intrusion prevention system
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	router
vendor:	cisco	model:	wireless controller
vendor:	cisco	model:	hsrp

Google fixes three Chromecast device vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202312-2135, VAR-202312-2038, VAR-202312-1510 Trust: 3.5 Fetched: Dec. 26, 2023, 9:32 a.m., Published: Dec. 6, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chromecast

db:

NVD

ids:

CVE-2023-6181, CVE-2023-48425, CVE-2023-48424

What to Look for in a VPN: Important Considerations Trust: 3.5 Fetched: Dec. 26, 2023, 9:32 a.m., Published: Dec. 20, 2023, 5:18 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	mesh	model:	mesh
vendor:	essential	model:	phone
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	google	model:	google wifi
vendor:	google	model:	android

20 Most Dangerous Ransomware Attacks in the World 2023 - Top and Trending Trust: 3.75 Fetched: Dec. 26, 2023, 9:30 a.m., Published: Dec. 22, 2023, 4:32 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Mal... - vulnerability database \| Vulners.com Trust: 3.75 Fetched: Dec. 26, 2023, 9:30 a.m., Published: Dec. 4, 2023, 6:53 a.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	lenovo	model:	system
vendor:	lenovo	model:	bios

Government Warns iPhone Users, Says High-Risk Of Losing Sensitive Info Trust: 3.75 Fetched: Dec. 26, 2023, 9:29 a.m., Published: Dec. 16, 2023, 4:24 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	apple	model:	safari
vendor:	apple	model:	iphone
vendor:	apple	model:	tvos
vendor:	apple	model:	macos
vendor:	apple	model:	watchos
vendor:	samsung	model:	samsung mobile
vendor:	samsung	model:	mobile
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	samsung galaxy

160 Cybersecurity Statistics: Updated Report 2024 Trust: 3.5 Fetched: Dec. 26, 2023, 9:27 a.m., Published: Dec. 19, 2022, 4:48 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	blackberry	model:	blackberry
vendor:	sonicwall	model:	web application firewall
vendor:	trend	model:	security
vendor:	trend	model:	antivirus
vendor:	trend	model:	password manager

Morphisec Fortifies Capabilities with Next-gen Risk-Based Vulnerability Prioritization Trust: 4.5 Fetched: Dec. 26, 2023, 9:26 a.m., Published: Dec. 12, 2023, midnight	Vulnerabilities: code injection

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2023-4863

Ubiquiti fixes massive bug that allowed users to view others' security cameras \| TechSpot Trust: 3.25 Fetched: Dec. 26, 2023, 9:24 a.m., Published: Dec. 26, 4070, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

ubiquiti

model:

unifi

The potential cyber security risks of smart devices \| TechRadar Trust: 3.25 Fetched: Dec. 26, 2023, 9:22 a.m., Published: Dec. 25, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	blackberry	model:	blackberry
vendor:	blackberry	model:	link
vendor:	apple	model:	watch
vendor:	essential	model:	phone
vendor:	tp-link	model:	routers
vendor:	tp-link	model:	gateway
vendor:	google	model:	google home
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	google	model:	android

UPnP flaw exposes millions of network devices to attacks over the Internet \| Ars Technica Related entries in the VARIoT vulnerabilities database: VAR-202006-0391 Trust: 4.5 Fetched: Dec. 26, 2023, 9:21 a.m., Published: June 11, 2020, 10:30 a.m.	Vulnerabilities: request forgery, denial of service

Affected products

External IDs

vendor:	asus	model:	asus
vendor:	asus	model:	routers
vendor:	asus	model:	router
vendor:	zyxel	model:	vmg8324-b10a
vendor:	huawei	model:	huawei
vendor:	huawei	model:	hg255s
vendor:	broadcom	model:	adsl
vendor:	broadcom	model:	linux
vendor:	tp-link	model:	routers
vendor:	cisco	model:	routers
vendor:	cisco	model:	router
vendor:	cisco	model:	series
vendor:	samsung	model:	printer
vendor:	samsung	model:	printers
vendor:	samsung	model:	tv
vendor:	d-link	model:	router

db:

NVD

ids:

CVE-2020-12695

Apple releases urgent security fix for iPhone and Mac devices \| TechRadar Related entries in the VARIoT vulnerabilities database: VAR-202202-0109, VAR-202201-0561, VAR-202201-0554 Trust: 3.75 Fetched: Dec. 26, 2023, 9:09 a.m., Published: Feb. 11, 2022, 1:35 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	mac os
vendor:	apple	model:	ipad
vendor:	apple	model:	iphone
vendor:	apple	model:	macos
vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad air

db:

NVD

ids:

CVE-2022-22620, CVE-2022-22587, CVE-2022-22594

Assessing the Security of Wireless Communication in Solar Energy Trust: 3.75 Fetched: Dec. 24, 2023, 10:25 a.m., Published: Dec. 4, 2023, midnight	Vulnerabilities: denial of service

Affected products	External IDs

Kyocera Device Manager CVE-2023-50196 Vulnerability Solution Update \| Kyocera Document Solutions America Trust: 4.75 Fetched: Dec. 24, 2023, 10:24 a.m., Published: Dec. 24, 2050, midnight	Vulnerabilities: information leakage, traversal attack, path traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2023-50916, CVE-2023-50196

VARIoT news about IoT security