Sign-up

VARIoT news about IoT security

New macOS vulnerability, “powerdir,” could lead to unauthorized user data access - Microsoft Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-202109-1380, VAR-202108-1285, VAR-202104-0177, VAR-202010-1253, VAR-202010-1252

Trust: 4.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 10, 2022, 5 p.m.
 Vulnerabilities: code execution, code injection
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: macos
db: NVD ids: CVE-2021-30713, CVE-2021-30970, CVE-2020-27937, CVE-2020-9771, CVE-2020-9934

Colors of the homeland | Urgent warning of a dangerous vulnerability in “iOS” that can permanently disable the phone - Archyde

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 6, 2022, 9:30 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: icloud

Cybersecurity Trends to Prepare for in 2022

Trust: 4.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: buffer overflow, memory corruption, service disruption
Affected productsExternal IDs
vendor: ring model: ring

Apple accused of recklessness over iOS security vulnerability | TechRadar

Trust: 5.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 4, 2022, 2:20 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: icloud

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Trust: 4.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 7, 2022, 7:33 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

Support, Support Requests, Training, Documentation, and Knowledge base for Check Point products and services

Trust: 3.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

Netgear Nighthawk RAX43 Multiple Vulnerabilities - Research Advisory | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202112-2048, VAR-202112-2049, VAR-202112-2047, VAR-202112-2046, VAR-202112-2051

Trust: 5.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 30, 2021, 3:49 p.m.
 Vulnerabilities: default credentials, authentication bypass, command injection...
Affected productsExternal IDs
vendor: netgear model: router
vendor: jquery model: jquery
db: NVD ids: CVE-2021-20169, CVE-2021-20168, CVE-2021-20170, CVE-2021-20171, CVE-2021-20166, CVE-2021-201667

'DoorLock' Vulnerability Can Force iOS Devices to Endlessly Reboot | PCMag

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 11, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: icloud

Your Lenovo laptop firmware has 2 serious vulnerabilities - MSPoweruser

Related entries in the VARIoT vulnerabilities database: VAR-202112-2487, VAR-202112-2486

Trust: 5.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 17, 2021, 9 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: lenovo model: system
vendor: lenovo model: yoga
vendor: lenovo model: thinkpad
db: NVD ids: CVE-2021-3969, CVE-2021-3922

Log4j: what you need to know | Allot's Network Security & IoT Blog for CSPs & Enterprises

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 21, 2021, 1:21 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

20th December - Threat Intelligence Report - Check Point Research

Related entries in the VARIoT vulnerabilities database: VAR-202112-2487, VAR-202112-2486, VAR-202112-0566, VAR-202106-1091, VAR-201906-0768

Trust: 5.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 20, 2021, 10:05 a.m.
 Vulnerabilities: command execution, code execution, privilege elevation
Affected productsExternal IDs
vendor: orange model: web server
vendor: check point model: check point
vendor: lenovo model: system
vendor: lenovo model: updates
vendor: google model: home
db: NVD ids: CVE-2021-3969, CVE-2021-3922, CVE-2021-44228, CVE-2021-35941, CVE-2018-18472

VMware ESXi 7 users vulnerable to hypervisor takeover bug

Trust: 3.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 10, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-22045

NVD - CVE-2021-20173

Related entries in the VARIoT vulnerabilities database: VAR-202112-2044

Trust: 5.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: netgear model: r6700_firmware
vendor: netgear model: r6700
db: NVD ids: CVE-2021-20173

Security Notice Regarding Log4 Shell Exploit - DTEN Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 21, 2021, 5:29 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

doorLock - "A persistent denial of service vulnerability affecting iOS 15.2 - iOS 14.7 (and likely through 14.0), triggered via HomeKit" | HUP

Trust: 3.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs

Microsoft launches new Defender capabilities for fixing Log4j | VentureBeat

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011

Trust: 4.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 28, 2021, 5:09 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2021-44832

Data Theorem Releases Critical Insight into Log4Shell Vulnerability to Assist Security Teams in Addressing the Exploit | Business Wire

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 23, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-44228

Dotdigital's response to the Log4j vulnerability - CVE-2021-44228 (Log4Shell) - Dotdigital Help Centre

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

New iOS vulnerability DoS bug revealed - IT Security Guru

Trust: 5.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 4, 2022, 12:12 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad

The Top 10 Most Severe Vulnerabilities In 2021

Related entries in the VARIoT vulnerabilities database: VAR-202103-0654, VAR-202112-0566, VAR-202106-0639, VAR-202007-0079, VAR-202103-0961, VAR-201906-0815, VAR-202103-0965, VAR-202008-0193, VAR-202103-0655, VAR-202107-1010

Trust: 4.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 10, 2022, midnight
 Vulnerabilities: configuration bug, path traversal, code execution...
Affected productsExternal IDs
vendor: pulse secure model: pulse connect secure
vendor: pulse secure model: connect secure
vendor: trend model: security
db: NVD ids: CVE-2021-26855, CVE-2021-22986, CVE-2021-31207, CVE-2021-34523, CVE-2021-22893, CVE-2021-22894, CVE-2021-44228, CVE-2020-8260, CVE-2021-1675, CVE-2020-12812, CVE-2021-22899, CVE-2021-22992, CVE-2021-34473, CVE-2018-13379, CVE-2021-22991, CVE-2021-27065, CVE-2021-21972, CVE-2021-26857, CVE-2019-5591, CVE-2021-26858, CVE-2021-21985, CVE-2021-22937, CVE-2021-22900, CVE-2021-22987, CVE-2021-34527