VARIoT latest news about IoT security

Android Devices and Vulnerabilities - SC Dashboard \| Tenable® Trust: 4.0 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

Cisco IOS : List of security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-201909-0158, VAR-201810-0561, VAR-201903-0559, VAR-202109-0601, VAR-201810-0345, VAR-201903-0571, VAR-201810-0565, VAR-202009-0479, VAR-201810-0569, VAR-201909-0165, VAR-202109-0747, VAR-201909-0160, VAR-201810-0351, VAR-201810-0346, VAR-201909-0184, VAR-202006-1148, VAR-201903-0569, VAR-201903-0563, VAR-202006-1097, VAR-202006-1093, VAR-201901-0473, VAR-202006-1151, VAR-201903-0565, VAR-201909-0181, VAR-201903-0599, VAR-201810-0568, VAR-202103-0545, VAR-202103-0537, VAR-201909-0166, VAR-201909-0186, VAR-201909-1523, VAR-201903-0574, VAR-201903-0595, VAR-202009-1160, VAR-201903-0592, VAR-201810-0339, VAR-202103-0540, VAR-201903-0600, VAR-202103-0550, VAR-201903-0558, VAR-202006-1150, VAR-201810-0567, VAR-201909-0161, VAR-201903-0597, VAR-202006-1095, VAR-202006-1098, VAR-201903-0567, VAR-202006-1092, VAR-202006-1084, VAR-201903-0596 Trust: 5.25 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: memory corruption, denial of service, improper memory handling...

Affected products

External IDs

vendor:	cisco	model:	hsrp
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	ios software
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	series switches
vendor:	cisco	model:	routers
vendor:	cisco	model:	4451-x
vendor:	cisco	model:	integrated services router
vendor:	cisco	model:	integrated services routers
vendor:	cisco	model:	catalyst 2960-l series switches
vendor:	cisco	model:	catalyst 6500 series
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco iox
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	iox application
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	catalyst cdb-8p switches
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	catalyst 6500
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	isr g2
vendor:	cisco	model:	isr4451
vendor:	cisco	model:	isr4451-x
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco iox application
vendor:	cisco	model:	4451-x integrated services router
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	industrial integrated services routers
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	series
vendor:	cisco	model:	router

db:

NVD

ids:

CVE-2019-12649, CVE-2018-15369, CVE-2019-1748, CVE-2021-34705, CVE-2018-0473, CVE-2019-1756, CVE-2018-15373, CVE-2019-16009, CVE-2018-15377, CVE-2019-12655, CVE-2021-34699, CVE-2019-12650, CVE-2018-0485, CVE-2018-0475, CVE-2019-12670, CVE-2020-3201, CVE-2019-1758, CVE-2019-1752, CVE-2020-3230, CVE-2020-3226, CVE-2018-0484, CVE-2020-3200, CVE-2019-1757, CVE-2019-12668, CVE-2019-1739, CVE-2018-15376, CVE-2021-1385, CVE-2021-1392, CVE-2019-12656, CVE-2019-12672, CVE-2019-12665, CVE-2019-1762, CVE-2019-1746, CVE-2020-3476, CVE-2019-1737, CVE-2018-0466, CVE-2021-1377, CVE-2019-1738, CVE-2009-1234, CVE-2021-1391, CVE-2019-1761, CVE-2020-3204, CVE-2018-15375, CVE-2019-12651, CVE-2019-1740, CVE-2020-3228, CVE-2020-3231, CVE-2019-1751, CVE-2020-3225, CVE-2020-3217, CVE-2019-1747

Series of Zero-Day Vulnerabilities Could Endanger 200 Million Devices Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 3.5 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: code execution, denial of service, information leak

Affected products

External IDs

db:

NVD

ids:

cve-2021-44228, CVE-2021-44228

NVD - CVE-2020-9054 Related entries in the VARIoT vulnerabilities database: VAR-202003-1707 Trust: 3.75 Fetched: Dec. 16, 2021, 3:47 p.m., Published: Jan. 5, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	zyxel	model:	usg310
vendor:	zyxel	model:	usg60
vendor:	zyxel	model:	vpn300
vendor:	zyxel	model:	zywall1100
vendor:	zyxel	model:	usg60w_firmware
vendor:	zyxel	model:	usg60w
vendor:	zyxel	model:	vpn1000
vendor:	zyxel	model:	nas542_firmware
vendor:	zyxel	model:	usg20-vpn_firmware
vendor:	zyxel	model:	vpn100_firmware
vendor:	zyxel	model:	nas520
vendor:	zyxel	model:	vpn100
vendor:	zyxel	model:	usg20w-vpn
vendor:	zyxel	model:	usg20w-vpn_firmware
vendor:	zyxel	model:	zywall1100_firmware
vendor:	zyxel	model:	atp100_firmware
vendor:	zyxel	model:	usg110_firmware
vendor:	zyxel	model:	zywall110_firmware
vendor:	zyxel	model:	usg310_firmware
vendor:	zyxel	model:	vpn1000_firmware
vendor:	zyxel	model:	usg40w_firmware
vendor:	zyxel	model:	zywall310
vendor:	zyxel	model:	vpn300_firmware
vendor:	zyxel	model:	usg1100_firmware
vendor:	zyxel	model:	nas542
vendor:	zyxel	model:	vpn50
vendor:	zyxel	model:	vpn50_firmware
vendor:	zyxel	model:	nas326_firmware
vendor:	zyxel	model:	usg1900
vendor:	zyxel	model:	usg210_firmware
vendor:	zyxel	model:	usg1100
vendor:	zyxel	model:	atp500_firmware
vendor:	zyxel	model:	atp100
vendor:	zyxel	model:	nas326
vendor:	zyxel	model:	usg60_firmware
vendor:	zyxel	model:	zywall110
vendor:	zyxel	model:	atp200_firmware
vendor:	zyxel	model:	zywall310_firmware
vendor:	zyxel	model:	usg1900_firmware
vendor:	zyxel	model:	nas520_firmware
vendor:	zyxel	model:	usg210
vendor:	zyxel	model:	usg20-vpn
vendor:	zyxel	model:	usg40
vendor:	zyxel	model:	usg2200_firmware
vendor:	zyxel	model:	usg2200
vendor:	zyxel	model:	usg40_firmware
vendor:	zyxel	model:	atp500
vendor:	zyxel	model:	nas540_firmware
vendor:	zyxel	model:	usg110
vendor:	zyxel	model:	atp200
vendor:	zyxel	model:	atp800_firmware
vendor:	zyxel	model:	nas540
vendor:	zyxel	model:	atp800
vendor:	zyxel	model:	usg40w

db:

NVD

ids:

CVE-2020-9054

Bluetooth Spoofing Bug Affects Billions of IoT Devices \| Threatpost Related entries in the VARIoT vulnerabilities database: VAR-202004-1957 Trust: 3.25 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

cve-2020-9770, CVE-2020-9770

Recent Cyberattack Reveals Reality of Smart Home Device Vulnerability Trust: 3.5 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: denial of service, default password

Affected products	External IDs

Medical device vulnerability scoring flaws put patients’ lives at risk Related entries in the VARIoT vulnerabilities database: VAR-201906-1020 Trust: 4.0 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

medtronic

model:

paradigm

db:

NVD

ids:

CVE-2019-10964

Billions of devices affected by UPnP vulnerability - Naked Security Related entries in the VARIoT vulnerabilities database: VAR-202006-0391 Trust: 3.25 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2020-12695

Top 15 Paid and Free Vulnerability Scanner Tools - DNSstuff Trust: 3.25 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: sql injection, path traversal, cross-site scripting...

Affected products

External IDs

vendor:	tripwire	model:	ip360
vendor:	wireshark	model:	wireshark

IP-in-IP Vulnerability Affects Devices From Cisco and Others \| SecurityWeek.Com Related entries in the VARIoT vulnerabilities database: VAR-202006-0258 Trust: 4.5 Fetched: Dec. 16, 2021, 3:47 p.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: information leak, process crash

Affected products

External IDs

vendor:	digi	model:	saros
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	firepower
vendor:	cisco	model:	mds 9000
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	series
vendor:	cisco	model:	1000v
vendor:	cisco	model:	firepower 2100
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	nexus
vendor:	cisco	model:	firepower 9300
vendor:	cisco	model:	mds 9000 series
vendor:	hewlett packard enterprise	model:	hewlett packard enterprise
vendor:	hewlett packard enterprise	model:	switches
vendor:	hewlett packard enterprise	model:	9000
vendor:	hewlett packard enterprise	model:	hewlett packard
vendor:	hewlett packard enterprise	model:	1000 series
vendor:	hewlett packard	model:	hewlett packard enterprise
vendor:	hewlett packard	model:	switches
vendor:	hewlett packard	model:	9000
vendor:	hewlett packard	model:	hewlett packard
vendor:	hewlett packard	model:	1000 series
vendor:	digi international	model:	saros

db:

NVD

ids:

CVE-2020-10136

2 Million IoT Devices Vulnerable to Complete Takeover \| Threatpost Related entries in the VARIoT vulnerabilities database: VAR-202012-0977 Trust: 3.25 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2020-29583, CVE-2019-11220, CVE-2019-11219

FragAttacks: Security flaws in all Wi-Fi devices Related entries in the VARIoT vulnerabilities database: VAR-202105-1431, VAR-202105-1477, VAR-202105-1430, VAR-202105-1432, VAR-202105-1476, VAR-202105-1428, VAR-202105-0257, VAR-202009-0518, VAR-202105-1475, VAR-202105-1493, VAR-202105-1429 Trust: 5.5 Fetched: Dec. 16, 2021, 3:47 p.m., Published: Jan. 7, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

home

db:

NVD

ids:

CVE-2020-24588, CVE-2020-26146, CVE-2020-26142, CVE-2020-26139, CVE-2020-24587, CVE-2020-24586, CVE-2020-26144, CVE-2020-26141, CVE-2019-18991, CVE-2020-26145, CVE-2019-18989, CVE-2019-18990, CVE-2020-26147, CVE-2020-26143, CVE-2020-26140

SweynTooth Vulnerabilities \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202002-0392, VAR-202002-0294, VAR-202002-0491, VAR-202002-0394, VAR-202002-0295, VAR-202002-0393, VAR-202002-0418, VAR-202002-0487, VAR-202002-0391 Trust: 3.5 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: memory corruption, security bypass, buffer overflow

Affected products

External IDs

db:	NVD	ids:	CVE-2019-17517, CVE-2019-17060, CVE-2019-19196, CVE-2019-19194, CVE-2019-17519, CVE-2019-17061, CVE-2019-19195, CVE-2019-17518, CVE-2019-16336, CVE-2019-19192, CVE-2019-17520, CVE-2019-19193
db:	ICS CERT ALERT	ids:	ICS-ALERT-20-063-01

Common SNMP Vulnerability: 9-Step Guide to Protect Your Network Related entries in the VARIoT vulnerabilities database: VAR-200202-0006, VAR-200202-0007 Trust: 4.5 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: command injection

Affected products

External IDs

vendor:	general electric	model:	industrial solutions ups snmp/web adapter
vendor:	symantec	model:	symantec web gateway
vendor:	symantec	model:	web gateway

db:

NVD

ids:

CVE-2002-0012, CVE-2002-0013

Device Hardening, Vulnerability Scanning and Threat Mitigation for Compliance and Security Trust: 3.75 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: configuration vulnerability

Affected products

External IDs

db:

POSIVITIVE TECHNOLOGY

ids:

ID:10

AVTECH IP Camera / NVR / DVR Devices - Multiple Vulnerabilities - CGI webapps Exploit Trust: 5.5 Fetched: Dec. 16, 2021, 3:47 p.m., Published: -	Vulnerabilities: information leakage, authentication bypass, default password...

Affected products

External IDs

vendor:

avtech

model:

ip camera

FragAttack: New Wi-Fi vulnerabilities that affect... basically everything \| Malwarebytes Labs Related entries in the VARIoT vulnerabilities database: VAR-202105-1429, VAR-202105-1475, VAR-202105-1493, VAR-202105-1431, VAR-202105-1476, VAR-202105-1428, VAR-202105-1432, VAR-202105-1430, VAR-202105-1477, VAR-202105-0257 Trust: 3.5 Fetched: Dec. 16, 2021, 3:47 p.m., Published: May 12, 2021, 5:31 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	netbsd	model:	netbsd
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	galaxy s3
vendor:	samsung	model:	samsung

db:

NVD

ids:

CVE-2020-26140, CVE-2020-26147, CVE-2020-26143, CVE-2020-24588, CVE-2020-26144, CVE-2020-26141, CVE-2020-24587, CVE-2020-26139, CVE-2020-24586, CVE-2020-26142, CVE-2020-26146, CVE-2020-26145

14 best open-source web application vulnerability scanners [updated for 2020] - Infosec Resources Trust: 3.5 Fetched: Dec. 9, 2021, 11:28 a.m., Published: May 7, 2021, 6:39 p.m.	Vulnerabilities: command execution, remote file inclusion, local file inclusion...

Affected products	External IDs

10 Best Vulnerability Scanning Tools - 2021 (Updated) Trust: 3.5 Fetched: Dec. 9, 2021, 11:28 a.m., Published: July 4, 2021, 3:36 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	wireshark	model:	wireshark
vendor:	netbsd	model:	netbsd
vendor:	aircrack-ng	model:	aircrack-ng
vendor:	tripwire	model:	ip360

11 Best Network Vulnerability Scanners Tested 2021 (Free + Paid Tools) Trust: 3.5 Fetched: Dec. 9, 2021, 11:28 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	router
vendor:	cisco	model:	series
vendor:	cisco	model:	routers
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	guard
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	ios

VARIoT news about IoT security