VARIoT latest news about IoT security

How secure are your network peripherals? Trust: 4.5 Fetched: May 13, 2022, 8:15 a.m., Published: Jan. 31, 2022, midnight	Vulnerabilities: code execution, buffer overflow

Affected products	External IDs

Security Advisory - Laser Command Injection Vulnerability on Huawei Terminals Trust: 4.25 Fetched: May 13, 2022, 8:15 a.m., Published: Jan. 26, 2022, 1 a.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:

huawei

model:

huawei

New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks Trust: 4.25 Fetched: May 13, 2022, 8:15 a.m., Published: Jan. 31, 2022, midnight	Vulnerabilities: code execution

Affected products	External IDs

New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks - News Nation USA Trust: 3.25 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2042, midnight	Vulnerabilities: code execution

Affected products	External IDs

Windows vulnerability with new public exploits lets you become admin Related entries in the VARIoT vulnerabilities database: VAR-202201-0580, VAR-202102-0786 Trust: 4.0 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2022, midnight	Vulnerabilities: privilege elevation

Affected products

External IDs

db:

NVD

ids:

CVE-2022-21882, CVE-2021-1732

Deadbolt Ransomware Exploits QNAP Vulnerability Patched in December Trust: 3.0 Fetched: May 13, 2022, 8:12 a.m., Published: Dec. 13, 2022, midnight	Vulnerabilities: code execution

Affected products	External IDs

Ripple20 vulnerabilities still plaguing IoT devices Trust: 3.75 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2020, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	series
vendor:	treck	model:	tcp/ip stack

Medical device vulnerability scoring flaws put patients’ lives at risk Related entries in the VARIoT vulnerabilities database: VAR-201906-1020 Trust: 4.0 Fetched: May 13, 2022, 8:12 a.m., Published: July 13, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

medtronic

model:

paradigm

db:

NVD

ids:

CVE-2019-10964

CVE-2020-6925, CVE-2020-6926, CVE-2020-6927: Multiple Vulnerabilities in HP Device Manager - Blog \| Tenable® Trust: 3.75 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2066, midnight	Vulnerabilities: command execution

Affected products

External IDs

db:

NVD

ids:

CVE-2020-6927, CVE-2020-6926, CVE-2020-6925

Everything You Need to Know to Stay Secure Trust: 4.5 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2016, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	google	model:	android
vendor:	trend micro	model:	security
vendor:	trend	model:	security

Log4j Vulnerability: 100s of Exposed Packages in Maven Central \| JFrog Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562 Trust: 3.0 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228, CVE-2021-45046

Cyber Security Asean Trust: 4.75 Fetched: May 13, 2022, 8:12 a.m., Published: May 17, 2022, midnight	Vulnerabilities: denial of service, feature bypass, code execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-21907, CVE-2022-21849, CVE-2022-21837, CVE-2022-21840, CVE-2022-21846

Inside the Log4j2 vulnerability (CVE-2021-44228) Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 4.0 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

Moxa NPort Device Vulnerabilities (Update A) \| CISA Related entries in the VARIoT vulnerabilities database: VAR-201702-0594, VAR-201702-0851, VAR-201702-0596, VAR-201702-0860, VAR-201702-0597, VAR-201702-0593, VAR-201702-0862, VAR-201702-0595 Trust: 4.5 Fetched: May 13, 2022, 8:11 a.m., Published: March 21, 2017, midnight	Vulnerabilities: resource exhaustion, code execution, cross-site request forgery...

Affected products

External IDs

vendor:	moxa	model:	nport 5200 series
vendor:	moxa	model:	nport
vendor:	moxa	model:	nport 5450ai-m12
vendor:	moxa	model:	nport 5600-8-dtl series
vendor:	moxa	model:	nport 5100a series
vendor:	moxa	model:	nport 5400 series
vendor:	moxa	model:	nport 5600-8-dt
vendor:	moxa	model:	nport 5200a
vendor:	moxa	model:	nport 5110
vendor:	moxa	model:	nport 5600 series
vendor:	moxa	model:	nport 5150ai-m12
vendor:	moxa	model:	nport 5130
vendor:	moxa	model:	nport 5250ai-m12
vendor:	moxa	model:	nport 5100a
vendor:	moxa	model:	nport 5600-8-dtl
vendor:	moxa	model:	nport ia5450a
vendor:	moxa	model:	nport 5200a series
vendor:	moxa	model:	nport p5150a

db:

NVD

ids:

CVE-2016-9366, CVE-2016-9348, CVE-2016-9369, CVE-2016-9361, CVE-2016-9371, CVE-2016-9365, CVE-2016-9363, CVE-2016-9367

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: May 15, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

"Multiple Vulnerabilities Impact Netgear Nighthawk R6700 Routers" \| CPS-VO Related entries in the VARIoT vulnerabilities database: VAR-202112-2041, VAR-202112-2044 Trust: 3.75 Fetched: May 13, 2022, 8:11 a.m., Published: Jan. 3, 2022, 10:41 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	netgear	model:	r6700v3
vendor:	netgear	model:	r6700

db:

NVD

ids:

CVE-2021-23147, CVE-2021-20173

More than half of medical devices found to have critical vulnerabilities Trust: 3.75 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: default credentials

Affected products	External IDs

HomeKit vulnerability may cause iOS devices to freeze, crash - Digital India Web Trust: 5.5 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	iphone
vendor:	apple	model:	macos
vendor:	apple	model:	icloud

Linux flaw that allows anyone to hijack Internet traffic also affects 80% of Android devices Trust: 3.75 Fetched: May 13, 2022, 8:11 a.m., Published: Aug. 15, 2016, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2016-5696

Log4j2 Vulnerability: How to Mitigate CVE-2021-44228 \| CrowdStrike Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 4.75 Fetched: May 13, 2022, 8:11 a.m., Published: Dec. 10, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

snort

model:

snort

db:

NVD

ids:

CVE-2021-44228

VARIoT news about IoT security