Sign-up

VARIoT news about IoT security

4 Microsoft Teams Bugs Put Android Phones in Danger: Is There a Fix? | iTech Post

Trust: 3.75

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Dec. 23, 2021, 9:42 a.m.
 Vulnerabilities: denial of service, address leak, request forgery
Affected productsExternal IDs

Microsoft patches about 100 vulnerabilities, 9 of them critical | Kaspersky official blog

Related entries in the VARIoT vulnerabilities database: VAR-202201-0640

Trust: 3.0

Fetched: Jan. 18, 2022, 1:58 p.m., Published: -
 Vulnerabilities: code execution, denial of service, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-21857, CVE-2022-21833, CVE-2022-21846, CVE-2022-21919, CVE-2022-21836, CVE-2022-21839

New MacOS Vulnerability Could Expose ALL Your Private Data To Hackers | Tech Times

Related entries in the VARIoT vulnerabilities database: VAR-202108-1285

Trust: 3.5

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 12, 2022, 4:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: watchos
vendor: zoom model: zoom
db: NVD ids: CVE-2021-30970

5 CRITICAL VULNERABILITIES IN SONICWALL SECURE MOBILE ACCESS (SMA) SERIES 100 DEVICES: UPDATE IMMEDIATELY " Cyber Security

Related entries in the VARIoT vulnerabilities database: VAR-202112-0361, VAR-202112-0731, VAR-202112-0732, VAR-202112-0389, VAR-202112-0730

Trust: 5.5

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 15, 2022, 12:15 a.m.
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
vendor: sonicwall model: sma 100
vendor: sonicwall model: secure mobile access
db: NVD ids: CVE-2021-20038, CVE-2021-20041, CVE-2021-20040, CVE-2021-20039, CVE-2021-20042

Microsoft patches about 100 vulnerabilities, 9 of them critical | Kaspersky official blog

Related entries in the VARIoT vulnerabilities database: VAR-202201-0640

Trust: 3.0

Fetched: Jan. 18, 2022, 1:58 p.m., Published: -
 Vulnerabilities: code execution, denial of service, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-21857, CVE-2022-21833, CVE-2022-21846, CVE-2022-21919, CVE-2022-21836, CVE-2022-21839

LOG4J 2 Vulnerability Impact on MSFT Enterprise Products & Services

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: 4.0

Fetched: Jan. 18, 2022, 1:58 p.m., Published: Jan. 9, 2022, 10:33 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44228

Technical Advisory: Zero-day critical vulnerability in Log4j2 exploited in the wild

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.5

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Jan. 6, 2022, midnight
 Vulnerabilities: denial of service, code execution, command execution
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2021-44228

Service Advisory - Zero-day Vulnerability Advisory Notice - Apache log4j - Active Exploits | University Information Technology (UIT)

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.25

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Dec. 13, 2021, 9 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Sky Broadband took almost 18 months to fix serious router flaw | IT PRO

Trust: 3.0

Fetched: Jan. 18, 2022, 11:55 a.m., Published: May 18, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs

27 flaws in USB-over-network SDK affect millions of cloud users

Related entries in the VARIoT vulnerabilities database: VAR-202112-0322

Trust: 4.0

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Sept. 25, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2021-42996, CVE-2021-42682, CVE-2021-42976, CVE-2021-42979, CVE-2021-42688, CVE-2021-42683, CVE-2021-43003, CVE-2021-43637, CVE-2021-42986, CVE-2021-42980, CVE-2021-43006, CVE-2021-42972, CVE-2021-42987, CVE-2021-42983, CVE-2021-42990, CVE-2021-42686, CVE-2021-42973, CVE-2021-43000, CVE-2021-42977, CVE-2021-42994, CVE-2021-42685, CVE-2021-42687, CVE-2021-42988, CVE-2021-43638, CVE-2021-43002, CVE-2021-42993, CVE-2021-42681

FireEye, CISA Warn of Critical IoT Device Vulnerability

Trust: 3.75

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Jan. 17, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watch
db: NVD ids: CVE-2021-28372

Israeli spy tech firm exploited vulnerability on ALL IPHONE devices to implant ‘Pegasus’ malware - report. This is classic Israeli backdoor access to computer systems that allowed 9/11 to be pulled off - see The Trigger - David Icke

Trust: 3.75

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Sept. 11, 2021, midnight
 Vulnerabilities: integer overflow
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: iphone

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Sept. 18, 2021, 10:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

NVD - CVE-2021-28816

Trust: 4.75

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2021-28816

Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware | SecurityWeek.Com

Trust: 3.75

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: lenovo model: system
vendor: lenovo model: bios
vendor: huawei model: huawei
vendor: asus model: asus
vendor: asus model: bmc firmware

Product Security | Axis Communications

Trust: 3.75

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: axis communications model: communications
vendor: axis communications model: axis
vendor: axis model: communications
vendor: axis model: axis
db: NVD ids: CVE-2021-31988, CVE-2021-31987, CVE-2021-31986

Zoom Patches Multiple Vulnerabilities - GovInfoSecurity

Trust: 5.5

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Sept. 17, 2021, midnight
 Vulnerabilities: remote command injection, command injection, code execution...
Affected productsExternal IDs
vendor: zoom model: zoom
vendor: zoom model: client
vendor: zoom model: zoom client
db: NVD ids: CVE-2021-34415, CVE-2021-34421, CVE-2021-34419, CVE-2021-34418, CVE-2021-34422, CVE-2021-34417, CVE-2021-34414, CVE-2021-34420

Vulnerabilities (CVE) - OpenCVE

Trust: 4.75

Fetched: Jan. 18, 2022, 11:55 a.m., Published: May 4, 2021, midnight
 Vulnerabilities: os command injection, use after free, denial of service...
Affected productsExternal IDs
vendor: pexip model: infinity
vendor: pexip model: pexip infinity

FireEye, CISA Warn of Critical IoT Device Vulnerability

Trust: 3.75

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Jan. 16, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watch
db: NVD ids: CVE-2021-28372

These are the 20 most common phone PINs: Is your device vulnerable?

Trust: 3.5

Fetched: Jan. 18, 2022, 11:55 a.m., Published: Dec. 8, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: iphone
vendor: ring model: ring
vendor: asus model: asus
vendor: google model: home
vendor: google model: android
vendor: samsung model: mobile
vendor: samsung model: samsung