Sign-up

VARIoT news about IoT security

Researcher discloses alleged zero-day vulnerabilities in NUUO NVRmini2 recording device | The Daily Swig

Trust: 5.5

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 14, 2022, 4:30 p.m.
 Vulnerabilities: command injection, code execution, path traversal
Affected productsExternal IDs
vendor: nuuo model: network video recorder
vendor: nuuo model: nvrmini2
db: NVD ids: CVE-2011-5325

Hardware: News, Reviews, Analysis and Insights | IT PRO

Trust: 3.0

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 11, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tp-link model: routers

What is Log4j Vulnerability? - Security Boulevard

Trust: 4.0

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 13, 2022, 4:42 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

How To Mitigate Log4j Vulnerabilities For F5 Devices Using ADC+ - Traxense

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.25

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 17, 2022, 9:01 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Apple iOS 15.2.1 Update: Should You Upgrade iPhone, iPad Now or Wait for iOS 15.3? | Tech Times

Trust: 3.5

Fetched: Jan. 20, 2022, 8:28 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: iphone

Alerts and WIDS - Kismet

Related entries in the VARIoT vulnerabilities database: VAR-202106-0357, VAR-202106-0356, VAR-202007-1257, VAR-201909-1453

Trust: 5.25

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 2, 2022, 2:23 a.m.
 Vulnerabilities: code execution, denial of service, buffer overflow
Affected productsExternal IDs
vendor: broadcom model: linux
vendor: broadcom model: broadcom
vendor: trend model: security
db: NVD ids: CVE-2020-27302, CVE-2020-27301, CVE-2019-17666, CVE-2020-9395, CVE-2019-10539, CVE-2017-9714, CVE-2017-11013

Metabolic vulnerabilities in malignant cells may lead to new breast cancer therapies

Trust: 3.0

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 13, 2022, 2:07 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: serve model: serve

IOS 15.2.1, IPadOS 15.2.1 Released To Fix HomeKit Denial-of-Service Vulnerability Know Details

Trust: 4.75

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 13, 2022, 7:04 a.m.
 Vulnerabilities: denial of service, resource exhaustion
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: ipod touch
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipad

(1) New Message!

Trust: 3.25

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 18, 2022, 2:12 p.m.
 Vulnerabilities: sql injection, buffer overflow
Affected productsExternal IDs
vendor: gale model: gale
vendor: tippingpoint model: tippingpoint
vendor: google model: home

Microsoft: Bug in powerdir server lets users bypass macOS login screen

Trust: 4.75

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 10, 2022, 10:10 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macbook
vendor: apple model: macbook pro
vendor: apple model: macos
vendor: netgear model: router
vendor: netgear model: netgear router

4 Microsoft Teams Bugs Put Android Phones in Danger: Is There a Fix? | iTech Post

Trust: 3.75

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Dec. 23, 2021, 9:42 a.m.
 Vulnerabilities: denial of service, address leak, request forgery
Affected productsExternal IDs

Microsoft patches about 100 vulnerabilities, 9 of them critical | Kaspersky official blog

Related entries in the VARIoT vulnerabilities database: VAR-202201-0640

Trust: 3.0

Fetched: Jan. 18, 2022, 1:58 p.m., Published: -
 Vulnerabilities: code execution, denial of service, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-21857, CVE-2022-21833, CVE-2022-21846, CVE-2022-21919, CVE-2022-21836, CVE-2022-21839

New MacOS Vulnerability Could Expose ALL Your Private Data To Hackers | Tech Times

Related entries in the VARIoT vulnerabilities database: VAR-202108-1285

Trust: 3.5

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 12, 2022, 4:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: watchos
vendor: zoom model: zoom
db: NVD ids: CVE-2021-30970

5 CRITICAL VULNERABILITIES IN SONICWALL SECURE MOBILE ACCESS (SMA) SERIES 100 DEVICES: UPDATE IMMEDIATELY " Cyber Security

Related entries in the VARIoT vulnerabilities database: VAR-202112-0361, VAR-202112-0731, VAR-202112-0732, VAR-202112-0389, VAR-202112-0730

Trust: 5.5

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 15, 2022, 12:15 a.m.
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
vendor: sonicwall model: sma 100
vendor: sonicwall model: secure mobile access
db: NVD ids: CVE-2021-20038, CVE-2021-20041, CVE-2021-20040, CVE-2021-20039, CVE-2021-20042

Microsoft patches about 100 vulnerabilities, 9 of them critical | Kaspersky official blog

Related entries in the VARIoT vulnerabilities database: VAR-202201-0640

Trust: 3.0

Fetched: Jan. 18, 2022, 1:58 p.m., Published: -
 Vulnerabilities: code execution, denial of service, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-21857, CVE-2022-21833, CVE-2022-21846, CVE-2022-21919, CVE-2022-21836, CVE-2022-21839

LOG4J 2 Vulnerability Impact on MSFT Enterprise Products & Services

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: 4.0

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 9, 2022, 10:33 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44228

Technical Advisory: Zero-day critical vulnerability in Log4j2 exploited in the wild

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.5

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Jan. 6, 2022, midnight
 Vulnerabilities: denial of service, code execution, command execution
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2021-44228

Service Advisory - Zero-day Vulnerability Advisory Notice - Apache log4j - Active Exploits | University Information Technology (UIT)

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.25

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Dec. 13, 2021, 9 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Sky Broadband took almost 18 months to fix serious router flaw | IT PRO

Trust: 3.0

Fetched: Jan. 18, 2022, 11:55 a.m., Published: May 18, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs

27 flaws in USB-over-network SDK affect millions of cloud users

Related entries in the VARIoT vulnerabilities database: VAR-202112-0322

Trust: 4.0

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Sept. 25, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2021-42996, CVE-2021-42682, CVE-2021-42976, CVE-2021-42979, CVE-2021-42688, CVE-2021-42683, CVE-2021-43003, CVE-2021-43637, CVE-2021-42986, CVE-2021-42980, CVE-2021-43006, CVE-2021-42972, CVE-2021-42987, CVE-2021-42983, CVE-2021-42990, CVE-2021-42686, CVE-2021-42973, CVE-2021-43000, CVE-2021-42977, CVE-2021-42994, CVE-2021-42685, CVE-2021-42687, CVE-2021-42988, CVE-2021-43638, CVE-2021-43002, CVE-2021-42993, CVE-2021-42681