VARIoT latest news about IoT security

Microsoft reveals 'powerdir' macOS vulnerability that allows unauthorized user data access Related entries in the VARIoT vulnerabilities database: VAR-202108-1285 Trust: 5.0 Fetched: May 13, 2022, 8:10 a.m., Published: May 4, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	icloud
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2021-30970

Log4Shell Vulnerability Impacting Thousands of Organizations - Motorola Solutions Blog Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 5.5 Fetched: May 13, 2022, 8:10 a.m., Published: Sept. 1, 2001, midnight	Vulnerabilities: privilege escalation, code execution

Affected products

External IDs

vendor:

motorola

model:

motorola

db:

NVD

ids:

CVE-2021-44228

CVE-2021-44757 \| ManageEngine Trust: 3.25 Fetched: May 13, 2022, 8:09 a.m., Published: Jan. 17, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44757

CVE - CVE-2022-23035 Trust: 4.0 Fetched: May 13, 2022, 8:09 a.m., Published: May 3, 2022, midnight	Vulnerabilities: insufficient cleanup

Affected products

External IDs

db:

NVD

ids:

CVE-2022-23035

KCodes NetUSB vulnerability: millions of routers exposed to RCE attacks \| CyberNews Trust: 6.5 Fetched: May 13, 2022, 8:09 a.m., Published: May 13, 2022, midnight	Vulnerabilities: code execution, integer overflow

Affected products

External IDs

vendor:	tp-link	model:	routers
vendor:	tenda	model:	router
vendor:	kcodes	model:	netusb
vendor:	dlink	model:	router

db:

NVD

ids:

CVE-2021-45388

This Week in Security News - January 7, 2022 Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 3.5 Fetched: May 13, 2022, 8:09 a.m., Published: Jan. 7, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2021-44228

Security Vulnerabilities Newsletter: Top News Rundown (Weeks 3/4-2022) - binaré (binare.io) Related entries in the VARIoT vulnerabilities database: VAR-202112-0361 Trust: 5.5 Fetched: May 13, 2022, 8:09 a.m., Published: March 4, 2022, midnight	Vulnerabilities: buffer overflow, denial of service

Affected products

External IDs

vendor:	sonicwall	model:	web application firewall
vendor:	sonicwall	model:	secure mobile access
vendor:	sonicwall	model:	sma 100
vendor:	solarwinds	model:	serv-u

db:

NVD

ids:

CVE-2021-20038, CVE-2021-35247

NVD - CVE-2022-23968 Trust: 5.0 Fetched: May 13, 2022, 8:01 a.m., Published: Jan. 26, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2022-23968

eSentire \| Polkit Vulnerability Impacting Linux Devices Trust: 4.25 Fetched: May 13, 2022, 8:01 a.m., Published: May 4, 2022, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

db:

NVD

ids:

CVE-2021-4034

Apple update patches serious Safari vulnerability that exposes user data - SiliconANGLE Trust: 3.75 Fetched: May 13, 2022, 8:01 a.m., Published: Jan. 26, 2022, 8:41 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	webkit
vendor:	apple	model:	safari
vendor:	apple	model:	icloud
vendor:	apple	model:	watch
vendor:	apple	model:	watchos

Novel phishing campaign highlights need for MFA, says Microsoft Trust: 4.0 Fetched: May 13, 2022, 8:01 a.m., Published: Jan. 27, 2022, 2:45 p.m.	Vulnerabilities: default password

Affected products	External IDs

Millions of Google, Roku, and Sonos Devices Are Vulnerable to a Web Attack \| WIRED Trust: 4.75 Fetched: May 13, 2022, 8:01 a.m., Published: June 19, 2018, 4:51 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	roku	model:	roku
vendor:	sonos	model:	sonos
vendor:	google	model:	google home
vendor:	google	model:	home
vendor:	google	model:	chromecast

Millions of Routers, IoT Devices at Risk as Malware Source Code Surfaces on GitHub Related entries in the VARIoT vulnerabilities database: VAR-201403-0306, VAR-201704-0303, VAR-201502-0201 Trust: 3.75 Fetched: May 13, 2022, 8:01 a.m., Published: June 23, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	d-link	model:	multiple routers
vendor:	netgear	model:	multiple routers

db:

NVD

ids:

CVE-2014-2321, CVE-2016-1555, CVE-2015-2051, CVE-2013-3307

Critical MediaTek rootkit affects millions of Android devices Related entries in the VARIoT vulnerabilities database: VAR-202003-0573 Trust: 3.5 Fetched: May 13, 2022, 8:01 a.m., Published: March 2, 2020, 1:25 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	trendmicro	model:	security
vendor:	mediatek	model:	mt8163
vendor:	samsung	model:	notes
vendor:	amazon	model:	fire tv
vendor:	nokia	model:	series
vendor:	huawei	model:	honor
vendor:	huawei	model:	huawei
vendor:	google	model:	android
vendor:	google	model:	android one
vendor:	google	model:	home

db:

NVD

ids:

CVE-2020-0069

Apache MS-DOS Device Name Vulnerability - Threat Encyclopedia - Trend Micro NO Trust: 3.25 Fetched: May 13, 2022, 8:01 a.m., Published: May 13, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2003-0016

'DoorLock' Vulnerability Can Force iOS Devices to Endlessly Reboot Trust: 3.75 Fetched: May 13, 2022, 8:01 a.m., Published: May 11, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	ipad
vendor:	apple	model:	icloud

TALOS-2022-1445 \|\| Cisco Talos Intelligence Group - Comprehensive Threat Intelligence Trust: 3.75 Fetched: May 13, 2022, 8:01 a.m., Published: Jan. 26, 2022, midnight	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:

reolink

model:

rlc-410w

New Vulnerability Could Put IoT Devices at Risk Trust: 3.75 Fetched: May 13, 2022, 8:01 a.m., Published: Aug. 19, 2020, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2020-15858

A new update from Apple to fix a serious security vulnerability on its devices Trust: 3.75 Fetched: May 13, 2022, 8:01 a.m., Published: May 24, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	huawei	model:	huawei
vendor:	apple	model:	ipad
vendor:	apple	model:	safari
vendor:	apple	model:	ipod touch
vendor:	apple	model:	watch
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air
vendor:	apple	model:	macos

Mobile vulnerabilities: What they are and how they impact the enterprise Trust: 3.0 Fetched: May 13, 2022, 8:01 a.m., Published: Oct. 17, 2017, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

VARIoT news about IoT security