VARIoT latest news about IoT security

Over Half of Medical IoT Devices Found Vulnerable to Cyberattacks Trust: 4.0 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: default credentials

Affected products	External IDs

Outdated IoT healthcare devices pose major security threats \| CSO Online Trust: 4.75 Fetched: May 13, 2022, 8:11 a.m., Published: May 5, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

cisco

model:

ip phone

An In-Depth Look at the 23 High-Impact Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202202-0009, VAR-202202-0007, VAR-202202-0108, VAR-202106-0358, VAR-202202-0147, VAR-202202-0037, VAR-202110-0264, VAR-202202-0129, VAR-202202-0102 Trust: 4.25 Fetched: May 13, 2022, 8:11 a.m., Published: May 23, 2022, midnight	Vulnerabilities: code execution, memory corruption, privilege escalation

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	lenovo	model:	system
vendor:	lenovo	model:	bios

db:

NVD

ids:

CVE-2021-33627, CVE-2021-43522, CVE-2021-41839, CVE-2020-5953, CVE-2021-45971, CVE-2021-43323, CVE-2021-45970, CVE-2021-41840, CVE-2021-42060, CVE-2021-42113, CVE-2022-24031, CVE-2021-41837, CVE-2021-41841, CVE-2021-45969, CVE-2022-24030, CVE-2020-27339, CVE-2021-43615, CVE-2021-42554, CVE-2021-33625, CVE-2021-33626, CVE-2022-24069, CVE-2021-42059, CVE-2021-41838

Half of IoT devices in hospitals have a known critical - Inavate Trust: 3.25 Fetched: May 13, 2022, 8:11 a.m., Published: Jan. 31, 2022, midnight	Vulnerabilities: -

Affected products	External IDs

Apple iOS 15.3 and iPadOS 15.3 address a number of security vulnerabilities \| Digit Related entries in the VARIoT vulnerabilities database: VAR-202201-0561, VAR-202201-0554 Trust: 5.5 Fetched: May 13, 2022, 8:11 a.m., Published: May 15, 2022, midnight	Vulnerabilities: denial of service, memory corruption

Affected products

External IDs

vendor:	apple	model:	ipod touch
vendor:	apple	model:	safari
vendor:	apple	model:	webkit
vendor:	apple	model:	ipad
vendor:	apple	model:	icloud
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air

db:

NVD

ids:

CVE-2022-22587, CVE-2022-22594

Two Dozen UEFI Vulnerabilities Impact Millions of Devices From Major Vendors \| SecurityWeek.Com Trust: 4.75 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	siemens	model:	ip camera
vendor:	lenovo	model:	system
vendor:	lenovo	model:	edge

Major device vendors face 23 UEFI firmware vulnerabilities Trust: 4.5 Fetched: May 13, 2022, 8:11 a.m., Published: May 23, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	lenovo	model:	updates
vendor:	lenovo	model:	bios firmware
vendor:	lenovo	model:	system
vendor:	lenovo	model:	bios

SpiderLabs Blog \| Trustwave Trust: 4.0 Fetched: May 13, 2022, 8:11 a.m., Published: May 24, 2022, midnight	Vulnerabilities: denial of service, code execution, information disclosure

Affected products	External IDs

BlueZ Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: March 19, 2005, 6:18 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

mesh

model:

mesh

Google Patches 48 Vulnerabilities With First Set of 2022 Android Updates - Security & Networking - Scot's Newsletter Forums Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: May 13, 2048, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

Dahua Broken Access Control Vulnerability Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: Jan. 25, 2022, 10:53 a.m.	Vulnerabilities: access control vulnerability

Affected products	External IDs

Apple rolls out iOS 15.2.1 and iPadOS 15.2.1 with bug fixes for operating system vulnerabilities - The Economic Times Trust: 4.0 Fetched: May 13, 2022, 8:11 a.m., Published: Feb. 15, 2001, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipad
vendor:	apple	model:	icloud

What is Secure Coding and Why is It important? \| VPNOverview Trust: 3.75 Fetched: May 13, 2022, 8:11 a.m., Published: May 5, 2022, midnight	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:

trend

model:

security

November 2021 : FCA Notification - CATALYS™ Precision Laser System : Patch installation due to potential cybersecurity vulnerability concerning the Windows Print Spooler Service. - Medical Device Authority (MDA) Trust: 3.0 Fetched: May 13, 2022, 8:11 a.m., Published: Nov. 13, 2021, midnight	Vulnerabilities: code execution

Affected products	External IDs

Security Advisory for KCodes NetUSB Vulnerabilities \| TP-Link Nederland Related entries in the VARIoT vulnerabilities database: VAR-202112-2341 Trust: 3.75 Fetched: May 13, 2022, 8:10 a.m., Published: May 6, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	tp-link	model:	archer c1200
vendor:	tp-link	model:	archer c7
vendor:	kcodes	model:	netusb

db:

NVD

ids:

CVE-2021-45608

Major Linux PolicyKit Security Vulnerability Uncovered: Pwnkit - Slashdot Trust: 4.75 Fetched: May 13, 2022, 8:10 a.m., Published: May 30, 2022, midnight	Vulnerabilities: memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2021-4034

Analyzing an Old Bug and Discovering CVE-2021-30995 Related entries in the VARIoT vulnerabilities database: VAR-202108-1149, VAR-202109-0285, VAR-202108-2078 Trust: 5.75 Fetched: May 13, 2022, 8:10 a.m., Published: Aug. 5, 2022, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:

apple

model:

macos

db:

NVD

ids:

CVE-2021-30995, CVE-2021-1740, CVE-2021-30855

Top Data Breaches, Malware, Vulnerabilities Reported on January 12, 2022 \| Cyware Daily Threat Intelligence \| Daily Threat Briefing Related entries in the VARIoT vulnerabilities database: VAR-202112-2341 Trust: 5.0 Fetched: May 13, 2022, 8:10 a.m., Published: Jan. 12, 2022, midnight	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:

tp-link

model:

routers

db:

NVD

ids:

CVE-2021-45608

3 Weeks, 6 Bugs: Experts Analyze, Advise on WordPress Flaws Trust: 3.5 Fetched: May 13, 2022, 8:10 a.m., Published: May 3, 2022, midnight	Vulnerabilities: cross-site request forgery, sql injection, injection attack...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-21661, CVE-2022-0215, CVE-2022-21664, CVE-2022-21663, CVE-2022-21662, CVE-2022-0218

Security Advisories \| Qualys Related entries in the VARIoT vulnerabilities database: VAR-201712-0124, VAR-201711-1034, VAR-201707-1079, VAR-201712-0125, VAR-201807-0039, VAR-201405-0317, VAR-201711-0414, VAR-201707-1077, VAR-201606-0264, VAR-201807-0040, VAR-201712-0126, VAR-201606-0263, VAR-201205-0405, VAR-201501-0737, VAR-201707-1078, VAR-201711-0411 Trust: 4.5 Fetched: May 13, 2022, 8:10 a.m., Published: May 1, 2022, midnight	Vulnerabilities: buffer overflow, integer overflow, privilege escalation...

Affected products

External IDs

vendor:	dell emc	model:	integrated data protection appliance
vendor:	d-link	model:	router
vendor:	d-link	model:	dir-615
vendor:	d-link	model:	dcs-936l
vendor:	acti	model:	camera
vendor:	netgear	model:	d6000
vendor:	netgear	model:	dgnd3700
vendor:	netgear	model:	dgn2200
vendor:	netgear	model:	wndr4500
vendor:	netgear	model:	d3600
vendor:	brickcom	model:	brickcom
vendor:	citrix	model:	netscaler gateway
vendor:	citrix	model:	gateway
vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	netscaler application delivery controller
vendor:	citrix	model:	netscaler
vendor:	dell	model:	integrated data protection appliance
vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2017-3184, CVE-2017-7851, CVE-2017-9235, CVE-2021-33910, CVE-2017-7406, CVE-2017-3185, CVE-2016-5638, CVE-2014-1849, CVE-2019-19726, CVE-2011-2098, CVE-2017-9236, CVE-2017-14027, CVE-2012-2029, CVE-2017-7404, CVE-2015-5224, CVE-2015-8289, CVE-2016-5649, CVE-2015-3245, CVE-2017-3186, CVE-2015-8288, CVE-2017-9237, CVE-2017-1000408, CVE-2018-14634, CVE-2012-0671, CVE-2015-0235, CVE-2017-1000409, CVE-2012-2031, CVE-2012-2030, CVE-2017-7405, CVE-2017-9238, CVE-2021-4034, CVE-2015-3246, CVE-2017-14021, CVE-2017-1000253

VARIoT news about IoT security