Sign-up

VARIoT news about IoT security

Apple HomeKit vulnerability can lock Apple devices

Trust: 3.5

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 19, 2022, midnight
 Vulnerabilities: denial of service, buffer overflow
Affected productsExternal IDs
vendor: apple model: icloud

Millions Devices At Risk Because Of New Software Vulnerability - The True Reporter

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.0

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Dec. 15, 2021, 10:54 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

13 Best VAPT Tools Ranked for 2022 (Paid, Free Trials & Open-source)

Trust: 3.5

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Oct. 10, 2019, 12:27 p.m.
 Vulnerabilities: sql injection, cross-site scripting
Affected productsExternal IDs
vendor: netbsd model: current

Joker Malware Marks Another Return to the Play Store, Infects 500K Android Devices | Toolbox It Security

Trust: 3.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Dec. 20, 2021, 4:05 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Log4j zero-day vulnerability: What it is and how it impacts users, all explained in 5 points - Technology News

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Dec. 13, 2021, 8:52 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228

F-Secure discovers vulnerabilities affecting over 150 HP printer models | F-Secure Press Room

Trust: 3.0

Fetched: Jan. 20, 2022, 8:28 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-39238, CVE-2021-39237

2022-01 Security Bulletin: Junos Fusion: A Satellite Device can be controlled by rewiring it to a foreign AD causing a DoS (CVE-2022-22154) - Juniper Networks

Related entries in the VARIoT vulnerabilities database: VAR-202201-0632

Trust: 4.25

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 20, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2022-22154

Critical RCE Vulnerability Is Affecting Java : msp

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566

Trust: 4.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: March 20, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-45105, CVE-2021-44228

CyRC Vulnerability Advisory: Multiple vulnerabilities discovered in GOautodial | Synopsys

Trust: 4.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Dec. 7, 2021, 2 p.m.
 Vulnerabilities: information disclosure, path traversal, file inclusion...
Affected productsExternal IDs
db: NVD ids: CVE-2021-43175, CVE-2021-43176

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | WTKG 1230 AM

Trust: 3.0

Fetched: Jan. 20, 2022, 8:28 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Top 15 Paid and Free Vulnerability Scanner Tools - DNSstuff

Trust: 3.5

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 6, 2020, 7:54 a.m.
 Vulnerabilities: default credentials, sql injection, cross-site scripting...
Affected productsExternal IDs
vendor: tripwire model: ip360

Vulnerability Scanning Guide: What It Is and How to Do It Right

Trust: 4.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: April 5, 2019, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: comodo model: firewall

Insulin pumps among millions of devices facing risk from newly disclosed cyber vulnerability, IBM says | MedTech Dive

Trust: 3.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Aug. 25, 2020, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Alerts & Security Vulnerability Announcements

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.25

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

14 Best Network Security Auditing Tools - What to Know in 2022

Trust: 4.25

Fetched: Jan. 20, 2022, 8:28 a.m., Published: March 2, 2020, 10:32 a.m.
 Vulnerabilities: sql injection, cross-site scripting
Affected productsExternal IDs
vendor: cisco model: secure desktop
vendor: symantec model: antivirus

KCodes NetUSB bug exposes millions of routers to RCE attacks

Trust: 5.5

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 11, 2022, midnight
 Vulnerabilities: integer overflow, code execution
Affected productsExternal IDs
vendor: kcodes model: netusb
vendor: tp-link model: routers
vendor: netgear model: r6400v2
vendor: netgear model: r6700v3
vendor: netgear model: d7800
vendor: tenda model: router
db: NVD ids: CVE-2021-45388

Rapid7 reports on five vulnerabilities in SonicWall SMA 100 devices, one an RCE

Related entries in the VARIoT vulnerabilities database: VAR-202112-0361

Trust: 4.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 11, 2022, 5:54 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: sma 100
vendor: sonicwall model: secure mobile access
db: NVD ids: CVE-2021-20038

Apple's HomeKit can be abused to reboot iPhones endlessly

Trust: 3.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 3, 2022, 7:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone

HPE | Apache Software Log4j

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566, VAR-202112-2011, VAR-202112-1782

Trust: 4.75

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 7, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-4104, CVE-2021-44228, CVE-2021-44832, CVE-2021-45105

[no-title]

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566

Trust: 4.25

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Dec. 29, 2021, midnight
 Vulnerabilities: denial of service, command execution, code execution
Affected productsExternal IDs
vendor: trend model: worry-free business security
vendor: trendmicro model: security
vendor: trendmicro model: worry-free business security
db: NVD ids: CVE-2021-45105, CVE-2021-44228