Sign-up

VARIoT news about IoT security

Trio of Flaws Allows Remote Takeover of Some APC UPS Devices | Decipher

Related entries in the VARIoT vulnerabilities database: VAR-202203-0236, VAR-202203-0237, VAR-202203-0235

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: March 7, 2022, midnight
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-22806, CVE-2022-22805, CVE-2022-0715

These D-Link Routers Are Vulnerable To Remote Hacks And Should Be Retired Immediately | HotHardware

Related entries in the VARIoT vulnerabilities database: VAR-202202-1281

Trust: 6.0

Fetched: June 1, 2022, 8:58 a.m., Published: April 12, 2022, 4:54 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: d-link model: dir-830l
vendor: d-link model: dir-810l
vendor: d-link model: router
vendor: d-link model: dir-820l
vendor: d-link model: dir-836l
vendor: d-link model: dir-826l
db: NVD ids: CVE-2021-45382

UAE authority warns of Zoom vulnerabilities that compromise users' devices

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: May 28, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: zoom model: zoom

Log4Shell Ranked Top Exploited Vulnerability of 2021 by Agencies - HS Today

Trust: 4.5

Fetched: June 1, 2022, 8:58 a.m., Published: April 27, 2022, 6:08 p.m.
 Vulnerabilities: file reading vulnerability, memory corruption, security feature bypass...
Affected productsExternal IDs
vendor: zoho model: manageengine adselfservice plus
vendor: pulse secure model: pulse connect secure
vendor: pulse secure model: connect secure
vendor: pulse model: secure pulse connect secure
vendor: accellion model: accellion file transfer appliance
vendor: accellion model: file transfer appliance

15 Most Exploited Vulnerabilities in 2021

Related entries in the VARIoT vulnerabilities database: VAR-201906-0815, VAR-202112-0566, VAR-202008-0248

Trust: 5.5

Fetched: June 1, 2022, 8:58 a.m., Published: April 29, 2022, 12:46 p.m.
 Vulnerabilities: security bypass, security feature bypass, code execution...
Affected productsExternal IDs
vendor: pulse model: secure pulse connect secure
vendor: pulse secure model: pulse connect secure
vendor: pulse secure model: connect secure
db: NVD ids: CVE-2021-26858, CVE-2021-34473, CVE-2020-0688, CVE-2021-34523, CVE-2021-26855, CVE-2018-13379, CVE-2021-44228, CVE-2021-40539, CVE-2021-26857, CVE-2019-11510, CVE-2021-31207, CVE-2020-1472, CVE-2021-27065, CVE-2021-21972, CVE-2021-26084

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

Related entries in the VARIoT vulnerabilities database: VAR-202205-0394, VAR-202112-0566, VAR-202202-0832, VAR-202203-0233, VAR-202112-0562

Trust: 4.0

Fetched: June 1, 2022, 8:58 a.m., Published: May 31, 2022, 12:41 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-1388, CVE-2021-44228, CVE-2021-35064, CVE-2022-25075, CVE-2022-22947, CVE-2021-45046

Lenovo Notebook BIOS Vulnerabilities - Lenovo Support BG

Trust: 3.75

Fetched: June 1, 2022, 8:58 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lenovo model: l340-15iwl
vendor: lenovo model: notebook
vendor: lenovo model: yoga
vendor: lenovo model: l340-17iwl
vendor: lenovo model: bios
vendor: lenovo model: l340-15irh
vendor: lenovo model: l340-17irh
db: NVD ids: CVE-2021-3972, CVE-2021-3971, CVE-2021-3970

Intel Releases 16 Security Advisories Covering 41 Vulnerabilities in CPUs, NUCs, SSDs | Tom's Hardware

Trust: 4.0

Fetched: June 1, 2022, 8:58 a.m., Published: May 11, 2022, 4:57 p.m.
 Vulnerabilities: information disclosure, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2022-21151

Actively exploited vulnerability in Windows | Kaspersky official blog

Related entries in the VARIoT vulnerabilities database: VAR-202205-0799

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: Jan. 1, 2050, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-22713, CVE-2022-22012, CVE-2022-29972, CVE-2022-26937, CVE-2022-29130, CVE-2022-26925

High-Tech Drug Infusion Pumps in Hospitals Vulnerable to Damage, Hackers - Consumer Health News | HealthDay

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: March 21, 2022, 12:12 p.m.
 Vulnerabilities: information leakage, default credentials, denial of service
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo alto networks model: networks

Code Execution Vulnerabilities Found in XINJE PLC Application

Trust: 4.75

Fetched: June 1, 2022, 8:58 a.m., Published: May 11, 2022, 1 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-34605, CVE-2021-34606

Millions of Lenovo laptops thought to be vulnerable to newly discovered UEFI malware attacks | IT PRO

Trust: 4.5

Fetched: June 1, 2022, 8:58 a.m., Published: May 1, 2022, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: lenovo model: system
vendor: lenovo model: updates
vendor: lenovo model: bios
db: NVD ids: CVE-2021-3972, CVE-2021-3971, CVE-2021-3970

HP Warns Printers Vulnerable To Remote Code Execution

Trust: 5.0

Fetched: June 1, 2022, 8:58 a.m., Published: March 22, 2022, 4:13 p.m.
 Vulnerabilities: buffer overflow, code execution, information disclosure...
Affected productsExternal IDs
vendor: palo model: firewall

Uncovering Hidden Threats in Bluetooth Low Energy Medical Devices-

Trust: 4.75

Fetched: June 1, 2022, 8:58 a.m., Published: May 18, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: serve model: serve
db: NVD ids: CVE-2019-19194

Microsoft discovers Nimbuspwn privilege escalation vulnerabilities in Linux

Trust: 4.0

Fetched: June 1, 2022, 8:58 a.m., Published: April 27, 2022, 9:26 a.m.
 Vulnerabilities: code execution, privilege escalation, directory traversal
Affected productsExternal IDs
db: NVD ids: CVE-2022-29799, CVE-2022-29800

Apple Fixed Two Actively Exploited Vulnerabilities in macOS 12.3.1 Monterey, But Hasn't Released Updates for Big Sur or Catalina - MacRumors

Related entries in the VARIoT vulnerabilities database: VAR-202203-1580, VAR-202203-1579

Trust: 4.0

Fetched: June 1, 2022, 8:58 a.m., Published: Dec. 3, 2001, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2022-22675, CVE-2022-22674

Can Webroot scan my IoT devices for malwarre and vulnerabilities? | Webroot Community

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: June 1, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Android Devices Are at Risk After Microsoft Detects Serious Security Bugs

Trust: 3.75

Fetched: June 1, 2022, 8:58 a.m., Published: May 31, 2022, 7:33 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-42600, CVE-2021-42598, CVE-2021-42599, CVE-2021-42601

Zyxel firewalls vulnerable to remote code execution - Security - iTnews

Trust: 4.0

Fetched: June 1, 2022, 8:58 a.m., Published: Oct. 1, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: zyxel model: usg20-vpn

F5 BIG-IP systems vulnerable to remote takeover - Security - iTnews

Related entries in the VARIoT vulnerabilities database: VAR-202205-0394

Trust: 5.0

Fetched: June 1, 2022, 8:58 a.m., Published: Oct. 1, 2022, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2022-1388