Sign-up

VARIoT news about IoT security

SonicWall urges customers to fix SMA 1000 vulnerabilitiesSecurity Affairs

Trust: 5.75

Fetched: June 9, 2022, 1:20 p.m., Published: May 13, 2022, 9:30 p.m.
 Vulnerabilities: access control vulnerability, open redirect issue, improper access control...
Affected productsExternal IDs
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: sma1000
db: NVD ids: CVE-2022-22282

What Is a Computer Worm & How Do You Prevent Them?

Trust: 4.25

Fetched: June 9, 2022, 1:13 p.m., Published: May 13, 2022, 8:21 p.m.
 Vulnerabilities: default credentials, denial of service
Affected productsExternal IDs
vendor: avast model: antivirus
vendor: trend micro model: security
vendor: trend micro model: antivirus
vendor: trend model: security
vendor: trend model: antivirus

Critical vulnerabilities in VMWare products | Kaspersky official blog

Trust: 4.0

Fetched: June 9, 2022, 1:12 p.m., Published: Jan. 9, 2050, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-22972, CVE-2022-22973

F5 BIG-IP Critical Remote Code Execution Vulnerability Getting Exploited. Patch Now! - SecPod Blog

Related entries in the VARIoT vulnerabilities database: VAR-202205-0394

Trust: 5.0

Fetched: June 9, 2022, 1:11 p.m., Published: May 10, 2022, 8:18 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-1388

Android Devices Are at Risk After Microsoft Detects Serious Security Bugs | Tech Times

Trust: 3.75

Fetched: June 9, 2022, 1:08 p.m., Published: May 31, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, CVE-2021-42601

Actively exploited vulnerability in Windows | Kaspersky official blog

Trust: 3.25

Fetched: June 9, 2022, 1:08 p.m., Published: Jan. 9, 2050, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-29130, CVE-2022-26925, CVE-2022-22012, CVE-2022-22713, CVE-2022-29972, CVE-2022-26937

Active Exploitation of F5 BIG-IP Devices (CVE-2022-1388) - Security Boulevard

Related entries in the VARIoT vulnerabilities database: VAR-202205-0394

Trust: 3.75

Fetched: June 9, 2022, 1:07 p.m., Published: May 12, 2022, 10:35 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2022-1388

Report: Credential access is top risk for ransomware attacks | VentureBeat

Trust: 3.0

Fetched: June 9, 2022, 1:06 p.m., Published: May 17, 2022, 8:23 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Hackers can unlock your phone, smart locks and even your car by exploiting this vulnerability | Tom's Guide

Trust: 3.75

Fetched: June 9, 2022, 1:04 p.m., Published: May 19, 2022, 9:21 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: kwikset model: kevo
vendor: tesla model: model
vendor: tesla model: model 3

May | 2022 | Born's Tech and Windows World

Related entries in the VARIoT vulnerabilities database: VAR-202205-1914, VAR-202205-1913

Trust: 4.75

Fetched: June 9, 2022, 1:04 p.m., Published: May 9, 2022, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend micro model: trend micro antivirus
vendor: trend micro model: antivirus
vendor: palo alto networks model: networks
vendor: citrix model: gateway
vendor: palo model: networks
vendor: trend model: security
vendor: trend model: trend micro antivirus
vendor: trend model: antivirus
db: NVD ids: CVE-2022-27507, CVE-2022-27508

GRC | Security Now! Episode Archive

Trust: 3.25

Fetched: June 9, 2022, 12:58 p.m., Published: May 9, 2022, midnight
 Vulnerabilities: authentication bypass, code execution, privilege escalation...
Affected productsExternal IDs
vendor: cisco model: series
vendor: cisco model: guard
vendor: cisco model: meeting
vendor: cisco model: routers
vendor: cisco model: router
vendor: netgear model: router
vendor: netgear model: netgear router
vendor: google model: chrome
vendor: google model: android
vendor: google model: home
vendor: google model: wifi
vendor: samsung model: mobile
vendor: samsung model: notes
vendor: samsung model: note
vendor: samsung model: printer
vendor: samsung model: mobile phones
vendor: trend model: password manager
vendor: trend model: security
vendor: asus model: asus
vendor: asus model: routers
vendor: asus model: router
vendor: sophos model: mobile
vendor: microtik model: routers
vendor: microtik model: router
vendor: apple model: iphone
vendor: palo model: firewall
vendor: palo model: networks
vendor: orange model: web server
vendor: lenovo model: edge
vendor: lenovo model: system
vendor: lenovo model: updates

Cyber Security Today, May 6, 2022 - Hacking helped by infected removable storage devices, corporate espionage, and more | IT World Canada News

Trust: 3.0

Fetched: June 9, 2022, 12:56 p.m., Published: May 6, 2022, 11:53 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canary model: canary

Latest Windows 10, Windows 11 Cumulative Updates Break Down the Event Viewer

Trust: 3.25

Fetched: June 9, 2022, 12:56 p.m., Published: May 10, 2022, 9:58 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-26925

HC3 TLP White: Monthly Cybersecurity Vulnerability Bulletin May 6, 2022 | AHA

Trust: 3.0

Fetched: June 9, 2022, 12:56 p.m., Published: May 6, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Project Zero

Trust: 3.25

Fetched: June 9, 2022, 12:55 p.m., Published: May 10, 2022, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs

Decade-old vulnerabilities discovered in Avast and AVG antivirus

Trust: 4.0

Fetched: June 9, 2022, 12:54 p.m., Published: May 5, 2022, 5:27 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: avast model: antivirus
db: NVD ids: CVE-2022-26522, CVE-2022-26523

Multiple Vulnerabilities in SonicWall SSLVPN SMA1000 Series Could Allow for Authentication Bypass | New York State Office of Information Technology Services

Trust: 4.25

Fetched: June 9, 2022, 12:50 p.m., Published: May 16, 2022, 4:46 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: sonicwall model: sma1000

Critical flaw in Zyxel firewalls grants access to corporate networks (CVE-2022-30525) - Help Net Security

Related entries in the VARIoT vulnerabilities database: VAR-202205-0957

Trust: 3.0

Fetched: June 9, 2022, 12:47 p.m., Published: May 13, 2022, 11:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-30525

Patch warning issued for Avaya, Aruba switches | IT World Canada News

Related entries in the VARIoT vulnerabilities database: VAR-202203-0237

Trust: 5.5

Fetched: June 9, 2022, 12:46 p.m., Published: May 3, 2022, 7:50 p.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: extreme networks model: ers3500
vendor: extreme model: ers3500
db: NVD ids: CVE-2022-22805, CVE-2022-29860, CVE-2022-23676, CVE-2022-23677, CVE-2022-29861

Vulnerability in QVR - Security Advisory | QNAP (US)

Trust: 3.25

Fetched: June 9, 2022, 12:45 p.m., Published: May 6, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-27588