VARIoT latest news about IoT security

WinRAR vulnerability allowed attackers to remotely hijack systems Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 22, 2021, 3:17 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-35052

IoT -Security: Critical Vulnerability Affecting Millions of Devices - SMART INDUSTRY Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 23, 2021, 4:01 p.m.	Vulnerabilities: code execution

Affected products	External IDs

Shift to Remote work increasing risk and vulnerability from unsecured IoT devices, says report - CXO DX Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 2, 2021, 7:38 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	palo alto networks
vendor:	palo	model:	networks
vendor:	palo	model:	palo alto networks

Ss7 hack github Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: security bypass, buffer overflow, brute force attack

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	google	model:	wifi
vendor:	linksys	model:	wrt54g
vendor:	zoom	model:	client
vendor:	zoom	model:	zoom
vendor:	wrt54g	model:	linksys

Realtek chips make routers and IoT devices from at least 65 manufacturers vulnerable Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	synology	model:	diskstation

Zero-day vulnerabilities in Victure baby monitors allow hackers to spy on families remotely. Parents should turn off these devices Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 3, 2021, 4:11 p.m.	Vulnerabilities: -

Affected products	External IDs

NVD - CVE-2021-34792 Related entries in the VARIoT vulnerabilities database: VAR-202110-1377 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	asa_5580_firmware
vendor:	cisco	model:	adaptive_security_appliance
vendor:	cisco	model:	asa_5545-x_firmware
vendor:	cisco	model:	asa_5580
vendor:	cisco	model:	asa_5505_firmware
vendor:	cisco	model:	asa_5555-x_firmware
vendor:	cisco	model:	asa_5585-x
vendor:	cisco	model:	asa_5525-x_firmware
vendor:	cisco	model:	asa_5585-x_firmware
vendor:	cisco	model:	asa_5505
vendor:	cisco	model:	asa_5512-x_firmware
vendor:	cisco	model:	asa_5515-x_firmware

db:

NVD

ids:

CVE-2021-34792

How hackers exploited RCE vulnerabilities in Atlassian, Azure Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 13, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	barracuda	model:	barracuda
vendor:	barracuda networks	model:	barracuda

db:

NVD

ids:

CVE-2021-38647, CVE-2021-26084

Pegasus (spyware) - Wikipedia Related entries in the VARIoT vulnerabilities database: VAR-201608-0186, VAR-202108-1057, VAR-201608-0187, VAR-201608-0188 Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: information leak, memory corruption, code execution

Affected products

External IDs

vendor:	trend	model:	security
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone
vendor:	apple	model:	safari

db:

NVD

ids:

CVE-2016-4655, CVE-2021-30860, CVE-2016-4656, CVE-2016-4657

Blackberry Admits QNX OS Vulnerability Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

blackberry

model:

blackberry

iOS jailbreaking - Wikipedia Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: default password, memory corruption, privilege escalation

Affected products

External IDs

vendor:	essential	model:	phone
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	ipad
vendor:	apple	model:	webkit
vendor:	apple	model:	apple tv
vendor:	apple	model:	mac os
vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone os
vendor:	apple	model:	macos
vendor:	apple	model:	iphone 3gs
vendor:	apple	model:	itunes
vendor:	apple	model:	safari
vendor:	apple	model:	mac os x
vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	apple	model:	ipod touch

NVD - CVE-2021-20122 Related entries in the VARIoT vulnerabilities database: VAR-202104-0768 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: authentication vulnerability, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2021-20122, CVE-2021-20090

Home - Securing Tomorrow. Today. \| McAfee Blogs Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 16, 2021, 4:38 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

squid

model:

squid

Sonic.net • Strange device connected to my Wi-Fi... am I vulnerable to hacking? Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 5, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

home

IoT Medical Devices Security Wi-Fi Vulnerabilities - IoT Executive Retained Search Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 28, 2021, 2:11 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

serve

model:

serve

Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks \| Cyware Alerts - Hacker News Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 4, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Our Shared Security: Responsibly Disclosing Competitor Vulnerabilities \| Ledger Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: side channel attack

Affected products	External IDs

No title Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	hewlett-packard company	model:	hewlett-packard company
vendor:	hewlett-packard company	model:	stream
vendor:	hewlett-packard	model:	hewlett-packard company
vendor:	hewlett-packard	model:	stream

Supply Chain Attacks on IoT - Million+ Devices Are Vulnerable \| by Zen Chan \| Technology Hits \| Medium Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, midnight	Vulnerabilities: buffer overflow, command injection

Affected products

External IDs

vendor:	netgear	model:	router
vendor:	realtek	model:	realtek sdk
vendor:	belkin	model:	router
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	asus	model:	wireless routers
vendor:	asus	model:	router
vendor:	asus	model:	asus
vendor:	d-link	model:	router

12 hardware and software vulnerabilities you should address now \| Computerworld Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: buffer overflow, cross-site scripting, code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	iphone

VARIoT news about IoT security