Sign-up

VARIoT news about IoT security

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 9, 2021, 10:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 9, 2021, 11:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research, News, and Perspectives

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-44228

Research, News, and Perspectives

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-44228

News :: Articles :: Kryptowire Collaborates with Orange and Uncovers Major Vulnerabilities in Mobile Devices at Scale

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: command execution
Affected productsExternal IDs

The US reveals new software vulnerability, warns hundreds of millions of devices at risk - Jobaaj Stories

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 29, 2021, 6:10 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Netgear fixes code execution flaw in many SOHO devicesSecurity Affairs

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 17, 2021, 9:35 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw - Microsoft Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-201906-0350, VAR-201906-0349

Trust: 5.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: privilege escalation, code injection
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: ring model: ring
db: NVD ids: CVE-2019-5242, CVE-2019-5241

Cisco Industrial Ethernet Switches Device Manager Cross-Site Request Forgery Vulnerability

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: request forgery, cross-site request forgery
Affected productsExternal IDs
vendor: cisco model: industrial ethernet
vendor: cisco model: device manager

Solved: Cisco devices and log4j2 vulnerability - Cisco Community

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 23, 2021, 3:34 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series switches
vendor: cisco model: catalyst
vendor: cisco model: catalyst 2900 series
vendor: cisco model: series
vendor: cisco model: catalyst 2900

Apache Log4j 2 Vulnerability Security Advisory | Google Cloud

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh
vendor: google model: android
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Log4j Zero-Day Vulnerability Response

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011, VAR-202112-0562

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 10, 2022, 3:07 p.m.
 Vulnerabilities: information leak, code execution
Affected productsExternal IDs
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-4104, CVE-2021-45056, CVE-2021-44832, CVE-2021-45046, CVE-2021-4428

Addressing Apache Log4j Vulnerability with NGFW and Cloud-Delivered Security Services - Palo Alto Networks Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 5.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 17, 2021, 2:40 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: palo alto networks
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: palo alto networks
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Log4j CVE 2021-44228: Systems Affected and Impact… | Bishop Fox

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 10, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228 | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

CVE-2021-44228: Proof-of-Concept for Critical Apache Log4j Remote Code Execution Vulnerability Available (Log4Shell) - Blog | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 10, 2021, 8:44 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228

Cisco DNA Center User Guide, Release 2.1.2 - Identify Network Security Advisories [Cisco DNA Center] - Cisco

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Oct. 28, 2021, 4:21 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: dna center

Apache Log4j Vulnerability | HP® Customer Support

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hp model: omen
db: NVD ids: CVE-2021-44228

CyberSec Researchers Reveal 2M Devices Vulnerable as Botnet Launchpad

Related entries in the VARIoT vulnerabilities database: VAR-201808-0384

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 13, 2021, 11:49 p.m.
 Vulnerabilities: file inclusion, path traversal, code execution...
Affected productsExternal IDs
vendor: mikrotik model: mikrotik
vendor: mikrotik model: routers
vendor: mikrotik model: router
vendor: mikrotik model: winbox
db: NVD ids: CVE-2018-14847, CVE-2021-43176

Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021 - Cisco

Related entries in the VARIoT vulnerabilities database: VAR-202109-1802

Trust: 4.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 17, 2021, 6:18 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: telepresence
vendor: cisco model: cisco prime collaboration assurance
vendor: cisco model: prime network
vendor: cisco model: hosted collaboration mediation fulfillment
vendor: cisco model: cisco unified communications domain manager
vendor: cisco model: video surveillance media server
vendor: cisco model: cisco prime network
vendor: cisco model: unified communications
vendor: cisco model: prime network services controller
vendor: cisco model: unified communications manager
vendor: cisco model: virtual security gateway
vendor: cisco model: prime collaboration assurance
vendor: cisco model: unified communications domain manager
vendor: cisco model: cisco unified communications manager
vendor: cisco model: prime collaboration
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: cisco prime network services controller
vendor: cisco model: cisco socialminer
vendor: cisco model: nexus
vendor: cisco model: unified communications manager im & presence service
vendor: cisco model: cisco virtual topology system
vendor: cisco model: socialminer
vendor: cisco model: cisco hosted collaboration mediation fulfillment
vendor: cisco model: virtual topology system
vendor: cisco model: series
vendor: cisco model: cisco prime collaboration
db: NVD ids: CVE-2021-40438