VARIoT latest news about IoT security

Dell G15 5525 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Dec. 13, 2023, 9:34 a.m., Published: Dec. 8, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Electronics \| Free Full-Text \| Detection of Vulnerabilities in Smart Buildings Using the Shodan Tool Related entries in the VARIoT vulnerabilities database: VAR-201706-1000 Trust: 5.0 Fetched: Dec. 13, 2023, 9:31 a.m., Published: Jan. 13, 2023, midnight	Vulnerabilities: denial of service, code injection, side channel attack...

Affected products

External IDs

vendor:	trend	model:	security
vendor:	ecobee	model:	smart thermostat
vendor:	belkin	model:	wemo switch
vendor:	belkin	model:	router
vendor:	essential	model:	phone
vendor:	tp-link	model:	wr841n
vendor:	tp-link	model:	routers
vendor:	tp-link	model:	gateway
vendor:	d-link	model:	d-link dcs-2121
vendor:	d-link	model:	dcs-2121
vendor:	d-link	model:	router
vendor:	rapid	model:	scada
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	siemens	model:	ip camera

db:

NVD

ids:

CVE-2018-1312, CVE-2019-0211, CVE-2018-17199, CVE-2017-15906, CVE-2017-7679, CVE-2019-0220, CVE-2018-15919

WinRAR CVE-2023-38831 Vulnerability: Malware Exploits & APT Attacks Trust: 4.5 Fetched: Dec. 13, 2023, 9:25 a.m., Published: -	Vulnerabilities: session hijacking, file execution, privilege escalation...

Affected products

External IDs

vendor:

rarlab

model:

winrar

db:

NVD

ids:

CVE-2023-38831

System BIOS komputera Dell Precision Rack 7910 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Dec. 13, 2023, 9:24 a.m., Published: Dec. 13, 7910, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

What is Vulnerability Management? \| Kaseya Trust: 3.0 Fetched: Dec. 13, 2023, 9:22 a.m., Published: Jan. 12, 2023, 6:58 p.m.	Vulnerabilities: denial of service

Affected products	External IDs

Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection \| Microsoft Security Blog Related entries in the VARIoT vulnerabilities database: VAR-202108-2056 Trust: 3.75 Fetched: Dec. 13, 2023, 9:19 a.m., Published: Oct. 28, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

db:

NVD

ids:

CVE-2021-30892

7.3.3 Quiz - Cloud, Mobile, and IoT Security Answers Full 100% Trust: 4.25 Fetched: Dec. 13, 2023, 9:17 a.m., Published: Oct. 15, 2023, 11:59 a.m.	Vulnerabilities: injection attack, resource exhaustion, privilege escalation...

Affected products

External IDs

vendor:	rapid	model:	scada
vendor:	clamav	model:	clamav

CVE-2023-38545, CVE-2023-38546: Frequently Asked Questions for New Vulnerabilities in curl - Blog \| Tenable® Trust: 5.0 Fetched: Dec. 13, 2023, 9:16 a.m., Published: Oct. 5, 2023, 12:58 a.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2023-38546, CVE-2023-38545

CVE-2023-20048: Unauthorized Configuration Commands Execution in Cisco Firepower Management Center Trust: 3.75 Fetched: Dec. 13, 2023, 9:16 a.m., Published: Nov. 1, 2023, 6:15 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco firepower management center

db:

NVD

ids:

CVE-2023-20048

System BIOS komputera Dell Precision Rack 7910 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Dec. 13, 2023, 9:15 a.m., Published: Dec. 13, 7910, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Qualcomm Vulnerabilities in Android Devices \| Lookout Threat Intelligence Related entries in the VARIoT vulnerabilities database: VAR-202312-0888 Trust: 4.0 Fetched: Dec. 13, 2023, 9:07 a.m., Published: Dec. 12, 2023, midnight	Vulnerabilities: integer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2023-33063, CVE-2023-33106, CVE-2023-33107

Distributed Denial-of-Service (DDoS) Attack - Source Defense Trust: 3.0 Fetched: Dec. 12, 2023, 9:50 a.m., Published: -	Vulnerabilities: denial of service

Affected products	External IDs

Google Bug Bounty Program: Protecting Your Android Device - USA Herald Trust: 3.5 Fetched: Dec. 12, 2023, 9:50 a.m., Published: Dec. 9, 2023, 11:55 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Citrix Bleed and Monitoring Network Devices - Malware News - Malware Analysis, News and Indicators Trust: 4.5 Fetched: Dec. 12, 2023, 9:48 a.m., Published: Dec. 5, 2023, 5:10 p.m.	Vulnerabilities: memory corruption, command injection, default credentials

Affected products

External IDs

vendor:	citrix	model:	netscaler
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2023-4966

Apple Releases Emergency Security Updates to Address Zero-Day Flaws on Older Devices - VULNERA Trust: 4.75 Fetched: Dec. 12, 2023, 9:37 a.m., Published: Dec. 11, 2023, 7:28 p.m.	Vulnerabilities: memory corruption

Affected products

External IDs

vendor:	apple	model:	tvos
vendor:	apple	model:	watch
vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	apple tv
vendor:	apple	model:	watchos
vendor:	apple	model:	webkit

db:

NVD

ids:

CVE-2023-42917, CVE-2023-42916

Ensuring Cybersecurity in Connected Medical Devices Trust: 3.0 Fetched: Dec. 12, 2023, 9:37 a.m., Published: Dec. 6, 2023, 1:28 p.m.	Vulnerabilities: -

Affected products	External IDs

External vs. Internal Vulnerability Scans: What’s the Difference? Trust: 3.75 Fetched: Dec. 12, 2023, 9:33 a.m., Published: Dec. 5, 2023, 6 a.m.	Vulnerabilities: session hijacking

Affected products

External IDs

vendor:

essential

model:

phone

New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands Trust: 3.75 Fetched: Dec. 12, 2023, 9:33 a.m., Published: Dec. 8, 2023, 5:22 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	motorola	model:	motorola
vendor:	motorola	model:	android
vendor:	nokia	model:	impact
vendor:	samsung	model:	mobile
vendor:	huawei	model:	huawei
vendor:	huawei	model:	honor
vendor:	asus	model:	asus
vendor:	google	model:	android
vendor:	vivo	model:	modem
vendor:	vivo	model:	modems
vendor:	vivo	model:	modem firmware

db:

NVD

ids:

CVE-2023-33042

Devices Face Increased Vulnerability to Adversary-in-the-Middle Attacks Due to BLUFFS Bluetooth Vulnerability Trust: 5.0 Fetched: Dec. 12, 2023, 9:31 a.m., Published: Dec. 3, 2023, midnight	Vulnerabilities: device impersonation

Affected products

External IDs

vendor:

apple

model:

macos

db:

NVD

ids:

CVE-2023-24023

Critical Bluetooth vulnerability allows attackers to take over systems Trust: 3.75 Fetched: Dec. 12, 2023, 9:29 a.m., Published: Dec. 11, 2023, 1:10 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	google	model:	android

db:

NVD

ids:

CVE-2020-0556, CVE-2023-45866

VARIoT news about IoT security