Sign-up

VARIoT news about IoT security

Exploits and exploit kits | Microsoft Learn

Related entries in the VARIoT vulnerabilities database: VAR-201601-0030

Trust: 3.0

Fetched: Nov. 8, 2022, 9:12 a.m., Published: Oct. 19, 2022, 9:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2013-1489, CVE-2017-0144, CVE-2016-0778

Medical device vulnerability could let hackers steal Wi-Fi credentials | CSO Online

Trust: 3.75

Fetched: Nov. 8, 2022, 9:10 a.m., Published: Sept. 9, 2022, midnight
 Vulnerabilities: format string vulnerability
Affected productsExternal IDs

Critical WhatsApp Vulnerabilities Allow Attackers Remote Device Hacking

Trust: 3.75

Fetched: Nov. 4, 2022, 8:18 p.m., Published: Sept. 28, 2022, 11:53 a.m.
 Vulnerabilities: memory corruption, integer overflow, privilege escalation...
Affected productsExternal IDs
db: NVD ids: CVE-2022-36934, CVE-2022-27492

Cisco warns of ISE vulnerability with no fixed release or workaround

Related entries in the VARIoT vulnerabilities database: VAR-202210-1641, VAR-202210-1371

Trust: 5.75

Fetched: Nov. 4, 2022, 8:18 p.m., Published: Oct. 27, 2022, 9:06 p.m.
 Vulnerabilities: path traversal, denial of service, cross-site scripting...
Affected productsExternal IDs
vendor: cisco model: meraki mx
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
db: NVD ids: CVE-2022-20959, CVE-2022-20933, CVE-2022-20822

Vulnerabilities in aircraft wireless network devices expose users to hacking - SiliconANGLE

Trust: 5.0

Fetched: Nov. 4, 2022, 8:16 p.m., Published: Sept. 16, 2022, 12:24 a.m.
 Vulnerabilities: default password
Affected productsExternal IDs
db: NVD ids: CVE-2022-36158, CVE-2022-36159

Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684Security Affairs

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198

Trust: 5.75

Fetched: Nov. 4, 2022, 8:13 p.m., Published: Oct. 18, 2022, 7:56 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-40684

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

Trust: 5.5

Fetched: Nov. 4, 2022, 8:13 p.m., Published: Aug. 10, 2022, 10:02 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: draytek model: draytek routers
vendor: draytek model: routers
db: NVD ids: CVE-2022-1400, CVE-2022-1399, CVE-2022-1410, CVE-2022-1401

Exposure score in Defender Vulnerability Management | Microsoft Learn

Trust: 3.0

Fetched: Nov. 4, 2022, 8:11 p.m., Published: Sept. 27, 2022, 11:22 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks | SecurityWeek.Com

Trust: 4.25

Fetched: Nov. 4, 2022, 8:11 p.m., Published: Nov. 4, 2022, midnight
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: tenda model: router
vendor: d-link model: router
vendor: realtek model: realtek sdk
db: NVD ids: CVE-2022-27255

Apple fixes vulnerabilities in iOS devices and Mac computers | SC Media

Related entries in the VARIoT vulnerabilities database: VAR-202209-0759

Trust: 3.75

Fetched: Nov. 4, 2022, 8:10 p.m., Published: Sept. 16, 2022, 12:42 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
db: NVD ids: CVE-2022-32917

Learn how to mitigate the Log4Shell vulnerability in Microsoft Defender for Endpoint - Defender Vulnerability Management | Microsoft Learn

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 5.0

Fetched: Nov. 4, 2022, 8:04 p.m., Published: Sept. 27, 2022, 11:22 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Bugs Found in Contec Airplane WiFi Devices Expose Passengers to Cyberattack | Spiceworks 1

Trust: 4.0

Fetched: Nov. 4, 2022, 8:04 p.m., Published: Sept. 15, 2022, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
db: NVD ids: CVE-2022-36158, CVE-2022-36159

Apple warns of security flaw for iPhones, iPads and Macs that allows hackers to access devices - CBS News

Trust: 3.0

Fetched: Nov. 4, 2022, 8:04 p.m., Published: Nov. 1, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: ipad

Exploit out for critical Realtek flaw affecting many networking devices

Trust: 4.75

Fetched: Nov. 4, 2022, 8:03 p.m., Published: -
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: buffalo model: router
vendor: d-link model: router
vendor: snort model: snort
vendor: realtek model: realtek sdk
vendor: belkin model: router
vendor: asustek model: routers
vendor: asustek model: router
db: NVD ids: CVE-2022-27255

New Firmware Vulnerabilities Affecting Millions of Devices Allow Persistent Access | SecurityWeek.Com

Trust: 3.75

Fetched: Nov. 4, 2022, 8:02 p.m., Published: Nov. 4, 2022, midnight
 Vulnerabilities: information disclosure, code execution
Affected productsExternal IDs
vendor: lenovo model: system

You should probably update your Apple devices right now | CNN Business

Trust: 3.0

Fetched: Nov. 4, 2022, 8:02 p.m., Published: Aug. 18, 2022, 11:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: ipod touch
vendor: apple model: ipad air
vendor: apple model: ipad

Showing Vulnerability to a Machine: Automated Prioritization of Software Vulnerabilities | Mandiant

Trust: 3.5

Fetched: Nov. 4, 2022, 7:58 p.m., Published: Nov. 7, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: symantec model: antivirus
vendor: symantec model: symantec antivirus
vendor: trend model: antivirus
vendor: trend model: security

WhatsApp Fixed Critical Vulnerabilities that Could Let an Attacker Hack Devices Remotely - Automatically Discover and Remediate Using VMDR Mobile | Qualys Security Blog

Trust: 4.5

Fetched: Nov. 4, 2022, 7:58 p.m., Published: Oct. 3, 2022, 9:19 a.m.
 Vulnerabilities: integer overflow, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2022-36934, CVE-2022-27492

Export software vulnerabilities assessment per device | Microsoft Learn

Trust: 3.5

Fetched: Nov. 4, 2022, 7:53 p.m., Published: Oct. 19, 2022, 9:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2020-16011, CVE-2020-26971, CVE-2020-15992

RBR10 / RBS10 Firmware Version 2.7.4.24 | Answer | NETGEAR Support

Trust: 3.0

Fetched: Nov. 4, 2022, 5:54 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: netgear model: rbr10
vendor: netgear model: rbs10