Sign-up

VARIoT news about IoT security

Kryptowire & Orange to Uncover Vulnerabilities in Mobile Devices | AI-TechPark

Trust: 3.75

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: command execution, script execution
Affected productsExternal IDs

Vulnerabilities found in HP multi-function printers

Trust: 4.0

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Nov. 30, 2021, 2 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-39237, CVE-2021-39238

Microsoft addresses a high-severity vulnerability in Azure AD

Trust: 4.0

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Nov. 18, 2021, 11:26 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2021-42306

Millions Of Devices At Risk Over New Software Vulnerability - America HQ

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.75

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 15, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: canary model: canary
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228

Countless Servers Are Vulnerable to Apache Log4j Zero-Day Exploit | PCMag

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.0

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Jan. 11, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: watch
db: NVD ids: CVE-2021-44228

A Vulnerability in HP Printer Products Could Allow for Arbitrary Code Execution. | New York State Office of Information Technology Services

Trust: 3.5

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 1, 2021, 9:35 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-39238

Critical vulnerability in something? @ AskWoody

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.0

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 11, 2021, 2 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228

Researchers discover serious server vulnerability in iPhone and Tesla devices | TechGig

Trust: 4.75

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 14, 2021, 10:54 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone

PSA: PATCH YOUR DEVICES NOW. The log4shell vulnerability allows remote code execution on all devices running log4j, a popular Java library. PATCH YOUR DEVICES NOW. | Java LibHunt

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.25

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 11, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Multiple Vulnerabilities in Distributed Data Systems WebHMI Could Allow for Arbitrary Code Execution | New York State Office of Information Technology Services

Trust: 3.25

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 7, 2021, 5:49 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-43931, CVE-2021-43936

Millions Of Devices At Risk Over New Software Vulnerability | The Original MinuteMan Project

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.75

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 16, 2021, 2 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: canary model: canary
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228

Kryptowire Collaborates with Orange and Uncovers Major Vulnerabilities in Mobile Devices at Scale | Tech Times

Trust: 4.0

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 14, 2021, 6 p.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: check point model: check point

Moobot botnet exploits CVE-2021-36260 flaw in Hikvision productsSecurity Affairs

Trust: 4.25

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 9, 2021, 7:47 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hikvision model: hikvision
db: NVD ids: CVE-2021-36260

Multiple Vulnerabilities in SonicWall SMA 100 Series Could Allow for Arbitrary Code Execution | New York State Office of Information Technology Services

Trust: 4.25

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 9, 2021, 8:20 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: sma 100

Cybersecurity, multiple vulnerabilities in Android OS

Trust: 3.0

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Dec. 13, 2021, 5:27 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

NVD - CVE-2021-34794

Related entries in the VARIoT vulnerabilities database: VAR-202110-1375

Trust: 4.0

Fetched: Dec. 16, 2021, 8:11 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: firepower_threat_defense
vendor: cisco model: asa_5580_firmware
vendor: cisco model: adaptive_security_appliance
vendor: cisco model: asa_5545-x_firmware
vendor: cisco model: asa_5580
vendor: cisco model: asa_5505_firmware
vendor: cisco model: asa_5555-x_firmware
vendor: cisco model: asa_5585-x
vendor: cisco model: asa_5525-x_firmware
vendor: cisco model: asa_5585-x_firmware
vendor: cisco model: asa_5505
vendor: cisco model: asa_5512-x_firmware
vendor: cisco model: asa_5515-x_firmware
db: NVD ids: CVE-2021-34794

Unauthenticated Remote Code Execution Vulnerability | ManageEngine Patch Connect Plus

Trust: 4.25

Fetched: Dec. 16, 2021, 8:11 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery | Threatpost

Related entries in the VARIoT vulnerabilities database: VAR-202111-0697

Trust: 3.25

Fetched: Dec. 16, 2021, 8:11 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-43880, CVE-2021-28474, CVE-2021-43905, CVE-2021-43907, CVE-2021-41379, CVE-2021-43893, CVE-2021-43899, CVE-2021-43240, cve-2021-28474, CVE-2021-43890, CVE-2021-43233, CVE-2021-41333, CVE-2021-43883, CVE-2021-43217, CVE-2021-38666, CVE-2021-24084, CVE-2021-42309, CVE-2021-43215, CVE-2021-42310

US warns hundreds of millions of devices at risk from newly revealed software vulnerability - KAKE

Trust: 3.25

Fetched: Dec. 16, 2021, 8:11 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: cve-2021-44228

The Log4j security flaw could impact the entire internet. Here's what you should know - CNN

Trust: 3.5

Fetched: Dec. 16, 2021, 8:11 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canary model: canary
vendor: check point model: check point
db: NVD ids: cve-2021-44228
db: USCERT ids: AB71-632D