Sign-up

VARIoT news about IoT security

Top Exploited Vulnerabilities in 2021

Related entries in the VARIoT vulnerabilities database: VAR-202008-0248, VAR-202112-0566

Trust: 3.75

Fetched: June 2, 2022, 9:22 a.m., Published: May 12, 2022, 11:19 a.m.
 Vulnerabilities: encryption flaw
Affected productsExternal IDs
db: NVD ids: CVE-2021-27065, CVE-2021-34473, CVE-2021-26855, CVE-2020-1472, CVE-2021-31207, CVE-2021-34523, CVE-2021-26084, CVE-2021-44228

Security vulnerabilities detected in Chrome, update browser now: Cert-In | Deccan Herald

Trust: 5.0

Fetched: June 2, 2022, 9:22 a.m., Published: May 2, 2022, 1:08 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: google model: chrome

Armis Discovers "TLStorm 2.0," Five Critical Vulnerabilities in Network Switches, Organizations Around the World at Risk

Related entries in the VARIoT vulnerabilities database: VAR-202203-0237

Trust: 5.25

Fetched: June 2, 2022, 9:22 a.m., Published: May 3, 2022, 10 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: aruba model: web management portal
vendor: extremenetworks model: ers3500
vendor: palo model: networks
db: NVD ids: CVE-2022-23676, CVE-2022-22805, CVE-2022-23677, CVE-2022-29861, CVE-2022-29860

Cyber Security Today, May 11, 2022 - F5 BIG-IP devices under attack, a proposed settlement on a Clearview AI lawsuit and Colonial Pipeline may be fined | IT World Canada News

Trust: 3.0

Fetched: June 2, 2022, 9:22 a.m., Published: May 11, 2022, 12:36 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: nokia model: impact

Hackers Exploiting a Critical Vulnerability in Zyxel Firewall & VPN Devices

Related entries in the VARIoT vulnerabilities database: VAR-202205-0957

Trust: 5.5

Fetched: June 2, 2022, 9:22 a.m., Published: May 17, 2022, 4:46 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: zyxel model: usg20-vpn
vendor: zyxel model: usg20w-vpn
db: NVD ids: CVE-2022-30525

Researchers Hacked iPhones That Are Turned Off Using Bluetooth Vulnerability

Trust: 3.0

Fetched: June 2, 2022, 9:22 a.m., Published: May 17, 2022, 7:45 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Access:7 vulnerabilities impact medical and IoT devices - Vester Holdings Crypto News

Trust: 5.5

Fetched: June 1, 2022, 8:58 a.m., Published: March 8, 2022, 8 a.m.
 Vulnerabilities: buffer overflow, code execution, information disclosure...
Affected productsExternal IDs
vendor: serve model: serve
db: NVD ids: CVE-2022-25248, CVE-2022-25246, CVE-2022-25247, CVE-2022-25251, CVE-2022-25250, CVE-2022-25249, CVE-2022-25252

Palo Alto: More than 100,000 infusion pumps vulnerable to 2 vulnerabilities | ZDNet

Related entries in the VARIoT vulnerabilities database: VAR-202006-0330, VAR-201702-0856, VAR-202006-0328, VAR-201908-0712, VAR-201702-0080, VAR-201908-0705, VAR-202006-0329, VAR-202006-0331, VAR-202006-0332

Trust: 4.25

Fetched: June 1, 2022, 8:58 a.m., Published: -
 Vulnerabilities: information leakage, default credentials
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo alto networks model: networks
db: NVD ids: CVE-2020-12043, CVE-2016-9355, CVE-2020-12040, CVE-2019-12255, CVE-2016-8375, CVE-2019-12264, CVE-2020-25165, CVE-2020-12041, CVE-2020-12045, CVE-2020-12047

Over 100 Lenovo Laptops Affected by Trio of UEFI Vulnerabilities | Tom's Hardware

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: April 20, 2022, 3:30 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: notebook
vendor: lenovo model: system
vendor: lenovo model: bios
vendor: lenovo model: updates
db: NVD ids: CVE-2021-3972, CVE-2021-3971, CVE-2021-3970

TPM Invisible BIOS Vulnerability Affects Dell, Alienware Machines | Tom's Hardware

Related entries in the VARIoT vulnerabilities database: VAR-202203-0823, VAR-202203-1378, VAR-202203-1379, VAR-202203-0927, VAR-202203-0822

Trust: 3.75

Fetched: June 1, 2022, 8:58 a.m., Published: March 23, 2022, 4:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: wyse 7040
vendor: dell model: latitude
vendor: dell model: bios
db: NVD ids: CVE-2022-24421, CVE-2022-24415, CVE-2022-24420, CVE-2022-24419, CVE-2022-24416

100+ Lenovo laptop models affected by UEFI BIOS vulnerabilities - NotebookCheck.net News

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: June 10, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: bios

Samsung Device Vulnerability Archives - MobileSyrup

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: May 31, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung

Vulnerabilities in remote management agent impacts thousands of medical devices - Channel Asia

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: June 1, 2022, midnight
 Vulnerabilities: information leak, code execution, directory traversal...
Affected productsExternal IDs
db: NVD ids: CVE-2022-25248, CVE-2022-25247, CVE-2022-25246, CVE-2022-25251, CVE-2022-25250, CVE-2022-25249, CVE-2022-25252

Critical RCE Flaws Impact Medical Devices | Decipher

Trust: 4.5

Fetched: June 1, 2022, 8:58 a.m., Published: March 8, 2022, midnight
 Vulnerabilities: code execution, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2022-25251, CVE-2022-25247, CVE-2022-25246

Zyxel security advisory for authentication bypass vulnerability of firewalls | Zyxel

Related entries in the VARIoT vulnerabilities database: VAR-202203-1898

Trust: 6.0

Fetched: June 1, 2022, 8:58 a.m., Published: May 27, 2022, 4:34 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: zyxel model: zywall
db: NVD ids: CVE-2022-0342

HP Patches BIOS Vulnerabilities Affecting Over 200 Laptops, Workstations

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: May 11, 2022, 8:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-3809, CVE-2021-3808

HP Patches BIOS Vulnerabilities Affecting Over 200 Laptops, Workstations | PCMag

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-3809, CVE-2021-3808

Google Reports 30 New Chrome Vulnerabilities, Releases Urgent Update

Trust: 4.5

Fetched: June 1, 2022, 8:58 a.m., Published: May 11, 2022, 9:22 a.m.
 Vulnerabilities: buffer overflow, use after free
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2022-1477, CVE-2022-1478, CVE-2022-1481, CVE-2022-1479, CVE-2022-1480, CVE-2022-1482, CVE-2022-1483

Critical vulnerabilities discovered in millions of network switches | TechRadar

Trust: 4.0

Fetched: June 1, 2022, 8:58 a.m., Published: May 4, 2022, 2:57 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-23676, CVE-2022-29861, CVE-2022-23677, CVE-2022-29860

OESIS Framework May 27, 2022 Release | OPSWAT

Related entries in the VARIoT vulnerabilities database: VAR-202010-1523

Trust: 3.75

Fetched: June 1, 2022, 8:58 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple inc. model: safari
vendor: apple inc. model: itunes
vendor: apple model: safari
vendor: apple model: itunes
db: NVD ids: CVE-2022-30013, CVE-2022-30959, CVE-2020-9983, CVE-2021-42704, CVE-2022-30965, CVE-2021-42700, CVE-2022-30958, CVE-2021-42702