VARIoT latest news about IoT security

Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem Trust: 4.5 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 18, 2015, midnight	Vulnerabilities: sql injection, denial of service, buffer overflow...

Affected products

External IDs

vendor:

parallels

model:

tools

Cybersecurity Vulnerabilities Affecting Medtronic Implantable Cardiac Devices, Programmers, and Home Monitors: FDA Safety Communication \| FDA Trust: 3.5 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 30, 2020, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	medtronic	model:	consulta crt-d
vendor:	medtronic	model:	secura icd
vendor:	medtronic	model:	concerto crt-d
vendor:	medtronic	model:	carelink monitor
vendor:	medtronic	model:	carelink programmer
vendor:	medtronic	model:	evera icd
vendor:	medtronic	model:	mycarelink monitor
vendor:	medtronic	model:	maximo ii crt-d
vendor:	medtronic	model:	virtuoso icd
vendor:	medtronic	model:	carelink 2090 programmer
vendor:	medtronic	model:	virtuoso ii icd
vendor:	medtronic	model:	viva crt-d
vendor:	medtronic	model:	carelink 2090
vendor:	medtronic	model:	concerto ii crt-d
vendor:	medtronic	model:	visia af icd
vendor:	medtronic	model:	encore programmer
vendor:	medtronic	model:	nayamed nd icd
vendor:	medtronic	model:	protecta crt-d

New botnet targets network security devices with critical exploits Related entries in the VARIoT vulnerabilities database: VAR-202002-0403, VAR-202102-0290, VAR-202010-0585 Trust: 5.5 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 6, 2022, midnight	Vulnerabilities: command injection, command execution, remote command injection...

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	palo alto networks
vendor:	d-link	model:	dns-320
vendor:	d-link	model:	router
vendor:	netis	model:	wf2419
vendor:	netgear	model:	router
vendor:	netgear	model:	prosafe
vendor:	sonicwall	model:	ssl-vpn
vendor:	sonicwall	model:	sonicwall ssl-vpn
vendor:	palo	model:	networks
vendor:	palo	model:	firewall
vendor:	palo	model:	palo alto networks

db:

NVD

ids:

CVE-2021-22502, CVE-2021-27562, CVE-2019-19356, CVE-2020-25506, CVE-2021-27561, CVE-2020-26919

Future Internet \| Free Full-Text \| A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices \| HTML Trust: 3.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Feb. 6, 2020, midnight	Vulnerabilities: code execution

Affected products	External IDs

Top IoT security vulnerabilities: 2020 and beyond Trust: 5.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 18, 2020, midnight	Vulnerabilities: default credentials

Affected products

External IDs

vendor:

treck

model:

tcp/ip stack

12 hardware and software vulnerabilities you should address now \| Computerworld Trust: 3.25 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Oct. 12, 2016, 9:03 a.m.	Vulnerabilities: buffer overflow, cross-site scripting, code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	iphone

Device Vulnerabilities in the Connected Home Related entries in the VARIoT vulnerabilities database: VAR-201505-0274 Trust: 6.25 Fetched: Jan. 18, 2022, 11:14 a.m., Published: April 16, 2018, midnight	Vulnerabilities: command injection, code execution, denial of service...

Affected products

External IDs

vendor:	d-link	model:	router
vendor:	d-link	model:	eyeon baby monitor
vendor:	d-link	model:	dcs-825l
vendor:	dahua	model:	camera
vendor:	dahua	model:	ptz camera
vendor:	dahua	model:	ip camera
vendor:	trend	model:	home network security
vendor:	trend	model:	security
vendor:	trend micro	model:	home network security
vendor:	trend micro	model:	security
vendor:	belkin	model:	router
vendor:	realtek	model:	realtek sdk
vendor:	buffalo	model:	router
vendor:	buffalo	model:	wsr-300hp

db:

NVD

ids:

CVE-2014-8361

Smart Yet Flawed: IoT Device Vulnerabilities Explained - Security News Related entries in the VARIoT vulnerabilities database: VAR-202003-1707 Trust: 4.25 Fetched: Jan. 18, 2022, 11:14 a.m., Published: May 28, 2020, midnight	Vulnerabilities: default credentials, denial of service

Affected products

External IDs

vendor:	serve	model:	serve
vendor:	trend micro	model:	home network security
vendor:	trend micro	model:	security
vendor:	trend	model:	home network security
vendor:	trend	model:	security
vendor:	sonos	model:	sonos

db:

NVD

ids:

CVE-2020-9054

Billions of devices affected by UPnP vulnerability - Naked Security Related entries in the VARIoT vulnerabilities database: VAR-202006-0391 Trust: 6.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: June 10, 2020, 12:36 p.m.	Vulnerabilities: request forgery

Affected products

External IDs

db:

NVD

ids:

CVE-2020-12695

EETimes - IoT Device Vendors: Why Resist Vulnerability Reporting? Trust: 4.5 Fetched: Jan. 18, 2022, 11:14 a.m., Published: April 17, 2020, 8 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	sony	model:	camera
vendor:	apple	model:	watch
vendor:	huawei	model:	huawei
vendor:	ring	model:	ring
vendor:	lenovo	model:	system
vendor:	lenovo	model:	updates
vendor:	motorola	model:	android
vendor:	motorola	model:	motorola
vendor:	samsung	model:	notes
vendor:	samsung	model:	samsung

SweynTooth Vulnerabilities \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202002-0294, VAR-202002-0394, VAR-202002-0295, VAR-202002-0391, VAR-202002-0491, VAR-202002-0487, VAR-202002-0393, VAR-202002-0418, VAR-202002-0392 Trust: 3.5 Fetched: Jan. 18, 2022, 11:14 a.m., Published: March 4, 2020, midnight	Vulnerabilities: memory corruption, security bypass, buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2019-17060, CVE-2019-17519, CVE-2019-17061, CVE-2019-19193, CVE-2019-17520, CVE-2019-19196, CVE-2019-19192, CVE-2019-17518, CVE-2019-16336, CVE-2019-19194, CVE-2019-19195, CVE-2019-17517

VU#941987 - Apple devices vulnerable to arbitrary code execution in SecureROM Trust: 4.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Oct. 8, 2020, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad
vendor:	apple	model:	watch
vendor:	apple	model:	apple tv

INTEL-SA-00306 Related entries in the VARIoT vulnerabilities database: VAR-202001-0482 Trust: 4.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 7, 2020, 10:27 p.m.	Vulnerabilities: improper access control, denial of service, information disclosure

Affected products

External IDs

db:

NVD

ids:

CVE-2019-14596

Understanding Vulnerability Scoring: CVSS Explained Trust: 3.25 Fetched: Jan. 18, 2022, 11:14 a.m., Published: May 7, 2020, 3:50 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

serve

model:

serve

A 5-Minute Guide on How to Secure IoT Devices Within Your Enterprise - Hashed Out by The SSL Store™ Trust: 3.75 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Dec. 23, 2021, 3:39 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

serve

model:

serve

Microsoft: powerdir bug gives access to protected macOS user data Related entries in the VARIoT vulnerabilities database: VAR-202010-1252, VAR-202010-1253, VAR-202108-1285, VAR-202109-1380 Trust: 4.5 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 6, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	netgear	model:	router
vendor:	netgear	model:	netgear router
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2020-9934, CVE-2020-9771, CVE-2021-30970, CVE-2021-30713

Apple accused of recklessness over iOS security vulnerability \| TechRadar Trust: 5.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 4, 2022, 2:20 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

apple

model:

icloud

Your PC could be hacked in seconds just by making a surprisingly simple mistake Trust: 3.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 12, 2022, 4:08 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

watch

security settings: Why Microsoft has urged Apple users to apply macOS security settings immediately - Times of India Related entries in the VARIoT vulnerabilities database: VAR-202108-1285 Trust: 5.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 23, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	icloud

db:

NVD

ids:

CVE-2021-30970

Critical, “Wormable” Microsoft Vulnerability Could Lead to Cyberattacks Related entries in the VARIoT vulnerabilities database: VAR-202105-1269 Trust: 4.0 Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 12, 2022, 5 p.m.	Vulnerabilities: denial of service, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-31166, CVE-2022-21846, CVE-2022-21907

VARIoT news about IoT security