Sign-up

VARIoT news about IoT security

Second Log4j vulnerability discovered, patch already released | ZDNet

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 14, 2021, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Log4j software bug: What you need to know - CNET

Trust: 3.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 21, 2021, 9:01 a.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: check point model: check point
vendor: trend micro model: security
vendor: trend model: security

An update on the Apache Log4j 2.x vulnerabilities - IBM PSIRT Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 4.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 15, 2022, 3:25 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: blackberry model: blackberry
vendor: blackberry model: link
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 - Microsoft Security Response Center

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-45046

[Update: CISA issues Log4j vulnerabilities scanner] Log4j zero-day "Log4Shell" arrives just in time to ruin your weekend | Malwarebytes Labs

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 10, 2021, 6:03 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Severe Apache Log4j Vulnerabilities Could Result in Healthcare Cyberattacks

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 14, 2021, 1:30 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Log4j Vulnerability and the Complexity of Modeling Cyber Risk | RMS

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs

Vulnerability Found In Google Pixel Devices - Users Urged To Update Immediately - KoDDoS Blog

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 9, 2021, 4:54 p.m.
 Vulnerabilities: code execution, information leakage, information disclosure
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2021-0964, CVE-2021-0967

Log4j 2.17.1 now available with more Log4Shell vulnerability fixes

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-2011

Trust: 6.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 28, 2021, 8:55 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228, CVE-2021-44832

Log4j vulnerabilities, malware strains multiply; major attack disclosed | VentureBeat

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 21, 2021, 1:20 a.m.
 Vulnerabilities: denial of service, privilege escalation, code execution
Affected productsExternal IDs
vendor: check point model: check point
vendor: trend micro model: security
vendor: trend model: security

CISA alerts to 13 vulnerabilities in Fresenius Kabi Agilia infusion systems

Trust: 4.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 22, 2021, 12:57 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: lighttpd model: lighttpd

Microsoft Warns of Active Directory Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202111-0660

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 21, 2021, 1:17 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2021-42278, CVE-2021-42287

Defender for Cloud finds machines affected by Log4j vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 13, 2021, 3:20 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Apache Log4j Vulnerability - Log4Shell - Widely Under Active Attack

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 13, 2021, 5:10 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: email security
db: NVD ids: CVE-2021-26084, CVE-2021-44228

Log4j Zero Day Vulnerability: CISA Mitigation, Patch Guidance - MSSP Alert

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 22, 2021, 4 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Vulnerability in broadly-used software causes massive risk to internet users

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 11, 2021, 3:58 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228

Attacking TrustZone on devices lacking memory protection | SpringerLink

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 20, 2021, midnight
 Vulnerabilities: information leakage

5 Vulnerabilities in Medical Devices That Can Create Chaos

Trust: 3.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 27, 2021, 10:13 a.m.
 Vulnerabilities: denial of service, code execution, password guessing...
Affected productsExternal IDs

F-Secure discovers vulnerabilities affecting over 150 HP printer models - IoT global network

Trust: 4.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 1, 2021, 2:11 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-39238, CVE-2021-39237