Sign-up

VARIoT news about IoT security

VMSA-2021-0026

Trust: 3.0

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 11, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-22101

Microsoft discovers new multiple vulnerabilities, Microsoft Defender the most concerning - JoyofAndroid.com

Trust: 3.0

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 14, 2021, 10:32 p.m.
 Vulnerabilities: code execution, information leak, information disclosure...
Affected productsExternal IDs
db: NVD ids: CVE-2021-41371, CVE-2021-42298, CVE-2021-42292, CVE-2021-43209, CVE-2021-43208, CVE-2021-38631, CVE-2021-42321, CVE-2021-26443

Cisco IOS and IOS XE Software Link Layer Discovery Protocol Denial of Service Vulnerability - Cisco

Trust: 4.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Dec. 16, 2021, 2:06 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: link layer discovery protocol
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios

Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260) | Watchful_IP

Trust: 6.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 18, 2021, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: hikvision model: camera
vendor: hikvision model: hikvision
db: NVD ids: CVE-2021-36260

NVD - CVE-2021-1611

Trust: 5.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Oct. 7, 2021, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: catalyst
vendor: cisco model: wireless controller
vendor: cisco model: series
vendor: cisco model: catalyst 9800
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco systems
vendor: cisco model: series switches
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco systems model: catalyst
vendor: cisco systems model: wireless controller
vendor: cisco systems model: series
vendor: cisco systems model: catalyst 9800
vendor: cisco systems model: cisco ios xe
vendor: cisco systems model: cisco systems
vendor: cisco systems model: series switches
vendor: cisco systems model: ios xe
vendor: cisco systems model: cisco ios
db: NVD ids: CVE-2021-1611

5XX Level Error

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 9, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

CVE - CVE-2021-34787

Related entries in the VARIoT vulnerabilities database: VAR-202110-1354

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco systems model: cisco adaptive security appliance
vendor: cisco systems model: cisco systems
vendor: cisco systems model: firepower threat defense
vendor: cisco systems model: firepower
vendor: cisco systems model: adaptive security appliance
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: cisco systems
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: adaptive security appliance
db: NVD ids: CVE-2021-34787

DSA-2021-217: Dell Wyse Device Agent for Windows 10 IoT Enterprise Security Update for an OpenSSL Vulnerability | Dell Polska

Trust: 3.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Feb. 17, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: wyse 7040
vendor: dell model: wyse 5070
db: NVD ids: CVE-2021-3712
db: DEBIAN ids: DSA-2021

Apple Zero-Day: Update Your iPhone, iPad, Mac, and MORE with the Emergency Patch Immediately | Tech Times

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 13, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: watch
vendor: apple model: ipad
vendor: apple model: imac
vendor: apple model: ipod touch
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: iphone

This new Android spyware masquerades as legitimate apps - TechCrunch

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

BusyBox vulnerabilities impact embedded Linux OS used in IoT and OT devices - Securezoo

Trust: 4.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 9, 2021, 7:13 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-42386, CVE-2021-42376, CVE-2021-42383, CVE-2021-42384, CVE-2021-42373, CVE-2021-42381, CVE-2021-42374, CVE-2021-42380, CVE-2021-42382, CVE-2021-42377, CVE-2021-42375, CVE-2021-42378, CVE-2021-42379, CVE-2021-42385

Discovering the Exploitable Security Gaps in Remote Work Spaces

Trust: 5.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 8, 2021, midnight
 Vulnerabilities: default credentials, denial of service, buffer overflow...
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: printer
vendor: samsung model: galaxy
vendor: samsung model: printers
vendor: samsung model: samsung galaxy
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: tp-link model: routers
vendor: tp-link model: ac1750
vendor: cisco model: routers
vendor: cisco model: rv340
vendor: cisco model: router
vendor: cisco model: series
vendor: trend micro model: security
vendor: sonos model: sonos
vendor: google model: google home
vendor: google model: home
vendor: trend model: security

Researchers show how to exploit Bluetooth Classic security flaws | Network World

Trust: 4.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 16, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

DSA-2021-106: Aktualizacja zabezpieczeń platformy klienckiej firmy Dell dla wielu luk w funkcjach BIOSConnect i HTTPS Boot jako część klienckiego systemu BIOS firmy Dell | Dell Polska

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 5, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: optiplex
vendor: dell model: latitude 5420
vendor: dell model: chengming
vendor: dell model: latitude
vendor: dell model: bios
db: NVD ids: CVE-2021-21572, CVE-2021-21574, CVE-2021-21571, CVE-2021-21573

DDoS botnet exploiting known GitLab vulnerability

Trust: 5.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 4, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: cve-2021-22205, CVE-2021-22205

Cybersecurity, DRAM memory | Homeland Security Newswire

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 17, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dram model: dram
db: POSIVITIVE TECHNOLOGY ids: ID:11

Intel CPUs With New Security Vulnerabilities | gamepressure.com

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 17, 2021, 2:11 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tesla model: model
vendor: tesla model: model 3
db: NVD ids: CVE-2021-0146

Siemens software vulnerabilities potentially put millions of medical devices at risk|Medigy

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 16, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

New vulnerabilities found in Intel processors - Russian Reality

Related entries in the VARIoT vulnerabilities database: VAR-202111-1151, VAR-202111-1193

Trust: 3.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 17, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-0157, CVE-2021-0146, CVE-2021-0158

Apple Pay users ‘vulnerable to security hack’ | News | The Times

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 16, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone