VARIoT latest news about IoT security

Trend Micro Patches Critical Vulnerability in Server Protection Solution \| SecurityWeek.Com Trust: 5.75 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

vendor:	novell	model:	netware
vendor:	trend	model:	home network security
vendor:	trend	model:	security
vendor:	trend micro	model:	home network security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2021-36745

November Patch Tuesday drop fixes bugs in Excel, Exchange Server Trust: 5.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 10, 2021, midnight	Vulnerabilities: security feature bypass, buffer overflow, memory corruption...

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2021-42292, CVE-2021-42270, CVE-2021-26855, CVE-2021-38666, CVE-2021-27065, CVE-2021-3711, CVE-2021-42316, CVE-2021-42321, CVE-2021-42298, CVE-2021-26443

Bluetooth Vulnerability: Arbitrary Code Execution On The ESP32, Among Others \| Hackaday Trust: 4.75 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 23, 2021, 11 a.m.	Vulnerabilities: denial of service, code execution

Affected products	External IDs

New series of Bluetooth vulnerabilities discovered that could put millions of Windows and Android devices worldwide in trouble - latest news today blogtuan.info Trust: 4.0 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 15, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

optiplex

db:

NVD

ids:

CVE-2021-28139

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 16, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

CVE - CVE-2021-34748 Related entries in the VARIoT vulnerabilities database: VAR-202110-0209 Trust: 5.5 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: injection attack, command injection

Affected products

External IDs

vendor:	cisco systems	model:	cisco systems
vendor:	cisco	model:	cisco systems

db:

NVD

ids:

CVE-2021-34748

Mac Zero Day Targets Apple Devices in Hong Kong \| Threatpost Related entries in the VARIoT vulnerabilities database: VAR-202108-1374 Trust: 3.0 Fetched: Nov. 18, 2021, 2:22 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-30869

Critical RCE Vulnerability in Palo Alto Global Protect Firewall Affects Estimated 10,000 VPNs - Innovate Cybersecurity Trust: 5.5 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: code execution, buffer overflow, memory corruption

Affected products

External IDs

vendor:	paloaltonetworks	model:	firewall
vendor:	paloaltonetworks	model:	palo alto networks globalprotect
vendor:	paloaltonetworks	model:	networks globalprotect
vendor:	paloaltonetworks	model:	networks
vendor:	paloaltonetworks	model:	palo alto networks
vendor:	paloaltonetworks	model:	pan-os
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	palo alto networks globalprotect
vendor:	palo alto networks	model:	networks globalprotect
vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	palo alto networks
vendor:	palo alto networks	model:	pan-os
vendor:	palo	model:	firewall
vendor:	palo	model:	palo alto networks globalprotect
vendor:	palo	model:	networks globalprotect
vendor:	palo	model:	networks
vendor:	palo	model:	palo alto networks
vendor:	palo	model:	pan-os

db:

NVD

ids:

CVE-2021-3064

Critical security vulnerabilities put millions of healthcare devices at risk \| TechRadar Trust: 3.75 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 10, 2021, 4:15 p.m.	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:

siemens

model:

nucleus

NVD - CVE-2021-42114 Trust: 3.5 Fetched: Nov. 18, 2021, 2:22 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	dram	model:	dram

db:

NVD

ids:

CVE-2021-42114

These cybersecurity vulnerabilities could leave millions of connected medical devices open to attack - The Latest Breaking News Related entries in the VARIoT vulnerabilities database: VAR-202111-1605, VAR-202111-1616, VAR-202111-1604 Trust: 6.75 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 9, 2021, 3:32 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

siemens

model:

nucleus

db:

NVD

ids:

CVE-2021-31886, CVE-2021-31888, CVE-2021-31887

Serious security vulnerabilities in DRAM memory devices - Tech Xplore - Business Telegraph Trust: 3.0 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 16, 2021, 1:37 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

dram

model:

dram

Security Vulnerabilities fixed in Firefox ESR 78.15 - Mozilla Trust: 3.0 Fetched: Nov. 18, 2021, 2:22 p.m., Published: -	Vulnerabilities: memory corruption

Affected products	External IDs

DSA-2021-152: Aktualizacja zabezpieczeń platformy klienckiej firmy Dell dotycząca luki w zabezpieczeniach niewystarczającej kontroli dostępu w sterowniku Dell DBUtilDrv2.sys \| Dell Polska Related entries in the VARIoT vulnerabilities database: VAR-202108-1843 Trust: 3.5 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 2, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	dell	model:	vostro 3670
vendor:	dell	model:	latitude 5175
vendor:	dell	model:	inspiron 3583
vendor:	dell	model:	optiplex 5040
vendor:	dell	model:	latitude 7280
vendor:	dell	model:	latitude 7275
vendor:	dell	model:	latitude 5580
vendor:	dell	model:	precision 3530
vendor:	dell	model:	vostro 3660
vendor:	dell	model:	latitude 5420
vendor:	dell	model:	vostro 3070
vendor:	dell	model:	latitude 5288
vendor:	dell	model:	latitude 5285
vendor:	dell	model:	g5 5590
vendor:	dell	model:	inspiron 3580
vendor:	dell	model:	inspiron 3480
vendor:	dell	model:	latitude 7490
vendor:	dell	model:	latitude 3180
vendor:	dell	model:	g7 7588
vendor:	dell	model:	optiplex 7440 aio
vendor:	dell	model:	optiplex 3046
vendor:	dell	model:	latitude 7480
vendor:	dell	model:	inspiron 7586
vendor:	dell	model:	latitude 5491
vendor:	dell	model:	vostro 3470
vendor:	dell	model:	g7 7790
vendor:	dell	model:	vostro 3581
vendor:	dell	model:	optiplex 7760 aio
vendor:	dell	model:	precision 7920
vendor:	dell	model:	vostro 3267
vendor:	dell	model:	latitude 3390
vendor:	dell	model:	latitude e7470
vendor:	dell	model:	optiplex xe3
vendor:	dell	model:	optiplex 7060
vendor:	dell	model:	latitude 3470
vendor:	dell	model:	latitude
vendor:	dell	model:	precision 3930
vendor:	dell	model:	latitude 7370
vendor:	dell	model:	precision 7820
vendor:	dell	model:	latitude 5179
vendor:	dell	model:	inspiron 5770
vendor:	dell	model:	latitude 5490
vendor:	dell	model:	inspiron 7472
vendor:	dell	model:	inspiron 7380
vendor:	dell	model:	inspiron 3268
vendor:	dell	model:	precision 3420
vendor:	dell	model:	precision 7530
vendor:	dell	model:	precision 3520
vendor:	dell	model:	inspiron 5570
vendor:	dell	model:	latitude 3380
vendor:	dell	model:	latitude e5270
vendor:	dell	model:	g3 3779
vendor:	dell	model:	latitude 3490
vendor:	dell	model:	inspiron 3780
vendor:	dell	model:	optiplex 5060
vendor:	dell	model:	latitude 7290
vendor:	dell	model:	latitude 3190
vendor:	dell	model:	vostro 3268
vendor:	dell	model:	latitude 3570
vendor:	dell	model:	inspiron 3781
vendor:	dell	model:	precision 3620
vendor:	dell	model:	optiplex 3060
vendor:	dell	model:	inspiron 5580
vendor:	dell	model:	latitude 5480
vendor:	dell	model:	inspiron 5481
vendor:	dell	model:	latitude 3580
vendor:	dell	model:	precision 5510
vendor:	dell	model:	precision 5520
vendor:	dell	model:	vostro 3669
vendor:	dell	model:	vostro 5481
vendor:	dell	model:	latitude 5488
vendor:	dell	model:	precision 3430
vendor:	dell	model:	optiplex 7050
vendor:	dell	model:	vostro 3583
vendor:	dell	model:	vostro 3580
vendor:	dell	model:	chengming 3967
vendor:	dell	model:	chengming
vendor:	dell	model:	precision 3510
vendor:	dell	model:	embedded box pc
vendor:	dell	model:	inspiron 7386
vendor:	dell	model:	latitude 3189
vendor:	dell	model:	chengming 3980
vendor:	dell	model:	wyse 7040
vendor:	dell	model:	latitude 5590
vendor:	dell	model:	vostro 3480
vendor:	dell	model:	latitude 7389
vendor:	dell	model:	optiplex 3040
vendor:	dell	model:	inspiron 5482
vendor:	dell	model:	inspiron 3668
vendor:	dell	model:	precision 5530
vendor:	dell	model:	precision 5820
vendor:	dell	model:	precision 3630
vendor:	dell	model:	g7 7590
vendor:	dell	model:	latitude 5280
vendor:	dell	model:	vostro 3584
vendor:	dell	model:	precision 7520
vendor:	dell	model:	optiplex 3050
vendor:	dell	model:	optiplex 3050 aio
vendor:	dell	model:	inspiron 3470
vendor:	dell	model:	latitude 5290
vendor:	dell	model:	latitude 7390
vendor:	dell	model:	g5 5587
vendor:	dell	model:	latitude e5570
vendor:	dell	model:	inspiron 3481
vendor:	dell	model:	inspiron 7580
vendor:	dell	model:	chengming 3977
vendor:	dell	model:	optiplex 7040
vendor:	dell	model:	latitude 5289
vendor:	dell	model:	latitude 5591
vendor:	dell	model:	optiplex 5050
vendor:	dell	model:	inspiron 3581
vendor:	dell	model:	inspiron 5480
vendor:	dell	model:	latitude e7270
vendor:	dell	model:	embedded box pc 5000
vendor:	dell	model:	wyse 5070
vendor:	dell	model:	g3 3579
vendor:	dell	model:	latitude 7380
vendor:	dell	model:	vostro 3668
vendor:	dell	model:	optiplex
vendor:	dell	model:	vostro 5581
vendor:	dell	model:	inspiron 3584
vendor:	dell	model:	precision 5720 aio
vendor:	dell	model:	inspiron 7786
vendor:	dell	model:	precision 7720
vendor:	dell	model:	vostro 3667
vendor:	dell	model:	latitude 3590
vendor:	dell	model:	bios
vendor:	dell	model:	latitude 3480
vendor:	dell	model:	xps 8900
vendor:	dell	model:	latitude e5470

db:

NVD

ids:

CVE-2021-36276

CVE - CVE-2021-40117 Related entries in the VARIoT vulnerabilities database: VAR-202110-1351 Trust: 5.75 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco systems	model:	adaptive security appliance
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	cisco adaptive security appliance
vendor:	cisco systems	model:	firepower
vendor:	cisco systems	model:	firepower threat defense
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-40117

Medical Device Cybersecurity Trust: 3.0 Fetched: Nov. 18, 2021, 2:22 p.m., Published: -	Vulnerabilities: -

Affected products	External IDs

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 5, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Lights, Cameras…Vulnerabilities? Rise of Non-Business IoT Devices Putting North American Corporate Networks At Risk \| Nachricht \| finanzen.net Trust: 4.25 Fetched: Nov. 18, 2021, 2:22 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	paloaltonetworks	model:	firewall
vendor:	paloaltonetworks	model:	networks
vendor:	paloaltonetworks	model:	palo alto networks
vendor:	palo	model:	firewall
vendor:	palo	model:	networks
vendor:	palo	model:	palo alto networks
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	palo alto networks

db:

POSIVITIVE TECHNOLOGY

ids:

ID:10

Netgear Patches Code Execution Vulnerability Affecting Many Products \| SecurityWeek.Com Related entries in the VARIoT vulnerabilities database: VAR-202111-0632 Trust: 5.5 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	netgear	model:	netgear router
vendor:	netgear	model:	netgear router firmware
vendor:	netgear	model:	router

db:

NVD

ids:

CVE-2021-34991

13 critical Nucleus TCP/IP flaws pose denial-of-service risk to medical devices Related entries in the VARIoT vulnerabilities database: VAR-202103-0365 Trust: 4.5 Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 15, 2021, 12:20 p.m.	Vulnerabilities: code execution, improper validation

Affected products

External IDs

vendor:	siemens	model:	nucleus net
vendor:	siemens	model:	nucleus

db:

NVD

ids:

CVE-2016-20009

VARIoT news about IoT security