VARIoT news about IoT security

Trust: 5.25

Fetched: Dec. 13, 2022, 9:14 a.m., Published: Dec. 13, 2022, midnight
Vulnerabilities: memory corruption, use after free, feature bypass...
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
vendor: google model: google chrome
db: NVD ids: CVE-2021-26436, CVE-2018-1022, CVE-2018-8139, CVE-2018-8133, CVE-2021-30624, CVE-2021-21157, CVE-2018-0953, CVE-2020-17153, CVE-2020-1195, CVE-2018-0955, CVE-2022-33649, CVE-2021-30617, CVE-2021-30611, CVE-2018-8123, CVE-2018-8114, CVE-2021-21141, CVE-2018-1021, CVE-2021-30610, CVE-2021-30609, CVE-2022-44708, CVE-2021-30614, CVE-2022-41115, CVE-2018-8122, CVE-2021-33741, CVE-2022-33680, CVE-2018-0943, CVE-2021-24113, CVE-2021-30607, CVE-2018-8130, CVE-2018-1025, CVE-2018-0951, CVE-2018-8358, CVE-2021-30622, CVE-2021-30613, CVE-2022-4135, CVE-2022-38012, CVE-2021-30618, CVE-2021-30615, CVE-2021-30608, CVE-2021-30621, CVE-2021-30620, CVE-2018-8388, CVE-2018-0954, CVE-2018-0945, CVE-2020-16884, CVE-2018-8137, CVE-2021-30606, CVE-2018-8177, CVE-2021-38669, CVE-2021-24100, CVE-2018-8128, CVE-2022-33636, CVE-2021-36930, CVE-2018-8178, CVE-2018-8179, CVE-2022-35796, CVE-2022-33639, CVE-2021-30616, CVE-2021-30612, CVE-2021-21140, CVE-2021-30623, CVE-2018-8383, CVE-2018-0946, CVE-2018-8145, CVE-2018-8112, CVE-2022-41035, CVE-2021-30619, CVE-2022-44688
Related entries in the VARIoT vulnerabilities database: VAR-202007-1057

Trust: 3.75

Fetched: Dec. 13, 2022, 9:13 a.m., Published: Dec. 12, 2022, 8:28 p.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series
vendor: cisco model: ip phone 7800
vendor: cisco model: ip phone 7800 series
vendor: cisco model: ip phone 8800 series
vendor: cisco model: ip phone 8800
vendor: cisco model: ip phone
db: NVD ids: CVE-2020-3452

Trust: 4.25

Fetched: Dec. 13, 2022, 9:12 a.m., Published: Dec. 13, 2022, midnight
Vulnerabilities: cross-site scripting, code execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks
db: NVD ids: CVE-2022-35829

Trust: 3.75

Fetched: Dec. 13, 2022, 9:12 a.m., Published: Oct. 19, 2022, 9:04 p.m.
Vulnerabilities: security feature bypass, feature bypass
Affected productsExternal IDs
db: NVD ids: CVE-2017-0140
Related entries in the VARIoT vulnerabilities database: VAR-202207-0037, VAR-202207-0036

Trust: 3.75

Fetched: Dec. 13, 2022, 9:11 a.m., Published: Dec. 13, 2022, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: omron model: omron plc
db: NVD ids: CVE-2022-34151, CVE-2022-33208, CVE-2022-33971
Related entries in the VARIoT vulnerabilities database: VAR-202212-0864

Trust: 4.5

Fetched: Dec. 13, 2022, 9:10 a.m., Published: -
Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: cisco model: link layer discovery protocol
vendor: cisco model: series
vendor: cisco model: ip phone 7800
vendor: cisco model: voice vlan
vendor: cisco model: ip phones
vendor: cisco model: ip phone
db: NVD ids: CVE-2022-20968

Trust: 4.0

Fetched: Dec. 13, 2022, 9:10 a.m., Published: -
Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-45797

Trust: 3.75

Fetched: Dec. 13, 2022, 9:10 a.m., Published: Dec. 11, 2022, 7:18 a.m.
Vulnerabilities: denial of service, code execution
Affected productsExternal IDs

Trust: 3.25

Fetched: Dec. 11, 2022, 9:18 a.m., Published: Dec. 11, 2022, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ip phones

Trust: 3.75

Fetched: Dec. 11, 2022, 9:17 a.m., Published: Nov. 26, 2022, 4:37 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: apple model: iphone
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: mobile
vendor: samsung model: galaxy s10
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
db: NVD ids: CVE-2022-33917

Trust: 4.75

Fetched: Dec. 11, 2022, 9:16 a.m., Published: Dec. 11, 2021, midnight
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: home
vendor: google model: android

Trust: 5.75

Fetched: Dec. 11, 2022, 9:16 a.m., Published: Dec. 11, 2022, midnight
Vulnerabilities: weak password, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2022-45477, CVE-2022-45481, CVE-2022-45482, CVE-2022-45479

Trust: 3.75

Fetched: Dec. 11, 2022, 9:15 a.m., Published: Nov. 29, 2022, 6:53 a.m.
Vulnerabilities: access control vulnerability
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

Trust: 4.5

Fetched: Dec. 11, 2022, 9:14 a.m., Published: Dec. 11, 2022, midnight
Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2022-20465

Trust: 4.5

Fetched: Dec. 11, 2022, 9:14 a.m., Published: Sept. 15, 2022, 1:13 p.m.
Vulnerabilities: cross-site scripting, code injection, denial of service...
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android
Related entries in the VARIoT vulnerabilities database: VAR-202210-1074

Trust: 4.25

Fetched: Dec. 11, 2022, 9:13 a.m., Published: -
Vulnerabilities: memory leak
Affected productsExternal IDs
db: NVD ids: CVE-2022-22228
Related entries in the VARIoT vulnerabilities database: VAR-201609-0352

Trust: 3.0

Fetched: Dec. 11, 2022, 9:13 a.m., Published: Oct. 31, 2022, 3:25 p.m.
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2016-6309

Trust: 5.25

Fetched: Dec. 11, 2022, 9:12 a.m., Published: Dec. 11, 2022, midnight
Vulnerabilities: information disclosure, denial of service, code execution
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: mobile
vendor: samsung model: notes
vendor: motorola model: motorola
vendor: motorola model: android
db: NVD ids: CVE-2022-25685, CVE-2022-39106, CVE-2021-39795, CVE-2022-25672, CVE-2022-20486, CVE-2022-20469, CVE-2022-20495, CVE-2021-39660, CVE-2022-39130, CVE-2022-20466, CVE-2022-20124, CVE-2022-42756, CVE-2022-20500, CVE-2022-25691, CVE-2022-25692, CVE-2022-32594, CVE-2022-20479, CVE-2022-20480, CVE-2022-39134, CVE-2022-42755, CVE-2022-20485, CVE-2022-20473, CVE-2022-20483, CVE-2022-33238, CVE-2022-25682, CVE-2022-25689, CVE-2022-20468, CVE-2022-20475, CVE-2022-25702, CVE-2022-20482, CVE-2022-39133, CVE-2022-42771, CVE-2022-25673, CVE-2022-20488, CVE-2022-20501, CVE-2022-20497, CVE-2022-32596, CVE-2022-20496, CVE-2022-20240, CVE-2022-20611, CVE-2022-42772, CVE-2022-25681, CVE-2022-20478, CVE-2022-39132, CVE-2022-25697, CVE-2022-32597, CVE-2021-39617, CVE-2022-20442, CVE-2022-32619, CVE-2022-20411, CVE-2022-33268, CVE-2022-20144, CVE-2022-32598, CVE-2022-42770, CVE-2022-39129, CVE-2022-25695, CVE-2022-25698, CVE-2022-39131, CVE-2022-20477, CVE-2022-20449, CVE-2022-20484, CVE-2022-20491, CVE-2022-20470, CVE-2021-0934, CVE-2022-20487, CVE-2022-20476, CVE-2022-20472, CVE-2022-20498, CVE-2022-33235, CVE-2022-20502, CVE-2022-20444, CVE-2022-32620, CVE-2022-20471, CVE-2022-42754, CVE-2022-20474

Trust: 4.0

Fetched: Dec. 11, 2022, 9:12 a.m., Published: Nov. 15, 2022, 10:59 p.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios

Trust: 4.5

Fetched: Dec. 11, 2022, 9:11 a.m., Published: Dec. 11, 2022, midnight
Vulnerabilities: feature bypass, code execution
Affected productsExternal IDs
vendor: dell model: bios
vendor: lenovo model: notebook
vendor: lenovo model: bios
vendor: lenovo model: system
db: NVD ids: CVE-2022-4020, CVE-2022-3431