VARIoT latest news about IoT security

Report: Fifty-three Percent of Connected Medical Devices Have a Vulnerability \| Healthcare Innovation Trust: 3.0 Fetched: Feb. 3, 2022, 11:02 a.m., Published: -	Vulnerabilities: -

Affected products	External IDs

How Hidden Vulnerabilities will Lead to Mobile Device Compromises - MalwareDefinition.com Trust: 5.0 Fetched: Feb. 3, 2022, 11:02 a.m., Published: -	Vulnerabilities: session hijacking

Affected products

External IDs

vendor:

google

model:

wifi

More Than Half of Medical Devices Have Critical Vulnerabilities \| News \| Communications of the ACM Trust: 3.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products	External IDs

Over 300,000 MikroTik Devices Were Found Vulnerable to Remote Hacking Bugs - Airzero Sec Related entries in the VARIoT vulnerabilities database: VAR-201910-0547, VAR-201808-0384, VAR-202111-0616, VAR-201910-0546, VAR-201803-2171 Trust: 5.5 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: directory traversal, buffer overflow, code execution

Affected products

External IDs

vendor:	mikrotik	model:	router
vendor:	mikrotik	model:	mikrotik routers
vendor:	mikrotik	model:	routers
vendor:	mikrotik	model:	winbox
vendor:	mikrotik	model:	routeros
vendor:	tp-link	model:	routers

db:

NVD

ids:

CVE-2019-3978, CVE-2018-14847, CVE-2021-41653, CVE-2019-3977, CVE-2018-7445, CVE-2021-36260

Log4Shell: ESET blocks hundreds of thousands of attack attempts \| ESET Blog Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 4.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

iOS Devices Can Freeze, Crash Due to a HomeKit Vulnerability - TechBea Trust: 3.5 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipad
vendor:	apple	model:	macos
vendor:	apple	model:	icloud

URL confusion vulnerabilities in the wild: Exploring parser inconsistencies \| Snyk Trust: 3.5 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	nagios	model:	nagios xi
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2021-33056, CVE-2021-23401, CVE-2021-23385, CVE-2021-23414, CVE-2021-37352, CVE-2021-23435, CVE-2021-32618, CVE-2021-23393

CVE-2022-20698 \| WhiteSource Vulnerability Database Trust: 5.75 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: process crash, denial of service

Affected products

External IDs

vendor:

clam

model:

clamav

db:

NVD

ids:

CVE-2022-20698

The Underground Economist: Volume 1, Issue 7 \| ZeroFox Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 4.75 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228, CVE-2021-45232

FTC notifies companies to take measures against Log4j software vulnerability - Industrial Cyber Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 3.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

Log4Shell critical vulnerability's impact on Genetec products Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 3.25 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) \| Web Hosting Talk Trust: 3.75 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: privilege escalation

Affected products

External IDs

db:

NVD

ids:

CVE-2021-4034

Bluetooth - Wikipedia Trust: 3.25 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	broadcom	model:	linux
vendor:	broadcom	model:	anti-virus
vendor:	apple	model:	macbook air
vendor:	apple	model:	mac os x
vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	apple	model:	macbook
vendor:	apple	model:	mac os
vendor:	google	model:	wifi
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	notes
vendor:	samsung	model:	mobile
vendor:	samsung	model:	galaxy s8
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	mobile phones
vendor:	netbsd	model:	current
vendor:	motorola	model:	android
vendor:	motorola	model:	motorola
vendor:	sony	model:	playstation
vendor:	sony	model:	playstation 3
vendor:	sony	model:	camera
vendor:	trend	model:	security
vendor:	nokia	model:	series

Apple have released a fix for the first two zero-day vulnerabilities of 2022 - Affecting MacOS, iOS and iPadOS devices - VISO Related entries in the VARIoT vulnerabilities database: VAR-202201-0567, VAR-202201-0423, VAR-202201-0424, VAR-202201-0554, VAR-202201-0561, VAR-202201-0304, VAR-202201-0322 Trust: 5.75 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: memory corruption, code execution

Affected products

External IDs

vendor:	apple	model:	safari
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2022-22590, CVE-2022-22579, CVE-2022-22589, CVE-2022-22594, CVE-2022-22587, CVE-2022-22592, CVE-2022-22584

Apple Patches Actively Exploited Zero-Day Vulnerability in iOS and macOS Devices - Adwareinfo.com Trust: 3.25 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

How Many IoT Devices Are There in 2022? [More than Ever!] Trust: 3.25 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	series
vendor:	mesh	model:	mesh
vendor:	google	model:	google home
vendor:	google	model:	home
vendor:	google	model:	wifi

How Hidden Vulnerabilities will Lead to Mobile Device Compromises - Attackware.com Trust: 5.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: session hijacking

Affected products

External IDs

vendor:

google

model:

wifi

Microsoft patches about 100 vulnerabilities, 9 of them critical \| Kaspersky official blog Related entries in the VARIoT vulnerabilities database: VAR-202201-0640 Trust: 3.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: privilege escalation, code execution, denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2022-21833, CVE-2022-21919, CVE-2022-21836, CVE-2022-21839, CVE-2022-21846, CVE-2022-21857

Rapid7 reports on five vulnerabilities in SonicWall SMA 100 devices, one an RCE - NewsBreak Trust: 3.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

sonicwall

model:

sma 100

'DoorLock' Vulnerability Can Force iOS Devices to Endlessly Reboot \| HITBSecNews Trust: 3.25 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: -

Affected products	External IDs

VARIoT news about IoT security