VARIoT latest news about IoT security

NVD - CVE-2021-42111 Trust: 3.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-42111, cve-2021-42111

Kali Linux Tools - GeeksforGeeks Trust: 3.5 Fetched: Dec. 6, 2021, 2:33 p.m., Published: -	Vulnerabilities: sql injection

Affected products

External IDs

vendor:	ollydbg	model:	ollydbg
vendor:	google	model:	home
vendor:	google	model:	wifi
vendor:	wireshark	model:	wireshark

Category: Threats \| Kaspersky official blog Trust: 3.5 Fetched: Dec. 6, 2021, 2:33 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-37975, CVE-2021-37974, CVE-2021-37976

Microsoft Patch Tuesday - November 2021 - Lansweeper Related entries in the VARIoT vulnerabilities database: VAR-202111-0473, VAR-202111-0789, VAR-202111-0697, VAR-202111-0660 Trust: 3.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 9, 2021, 7:30 p.m.	Vulnerabilities: security feature bypass, denial of service, code execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2021-42323, CVE-2021-42304, CVE-2021-42283, CVE-2021-41373, CVE-2021-42321, CVE-2021-42322, CVE-2021-42305, CVE-2021-42277, CVE-2021-42298, CVE-2021-42292, CVE-2021-42276, CVE-2021-42319, CVE-2021-42285, CVE-2021-42280, CVE-2021-41376, CVE-2021-41368, CVE-2021-38631, CVE-2021-26443, CVE-2021-41372, CVE-2021-432083, CVE-2021-42288, CVE-2021-41351, CVE-2021-42303, CVE-2021-41356, CVE-2021-41370, CVE-2021-42300, CVE-2021-42301, CVE-2021-42296, CVE-2021-41379, CVE-2021-36957, CVE-2021-42279, CVE-2021-41377, CVE-2021-42274, CVE-2021-42275, CVE-2021-41371, CVE-2021-41374, CVE-2021-41375, CVE-2021-41378, CVE-2021-42286, CVE-2021-42278, CVE-2021-41349, CVE-2021-26444, CVE-2021-41367, CVE-2021-41366, CVE-2021-40442, CVE-2021-38666, CVE-2021-432093, CVE-2021-42284, CVE-2021-42287, CVE-2021-42316, CVE-2021-38665, CVE-2021-42291, CVE-2021-3711, CVE-2021-42282, CVE-2021-42302

Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS - Secure Cyber Solution Trust: 3.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: -	Vulnerabilities: information disclosure, privilege escalation

Affected products

External IDs

db:

NVD

ids:

CVE-2021-24084

Analysis of RDP Attack Surface and Its Security Trust: 3.5 Fetched: Dec. 6, 2021, 2:33 p.m., Published: -	Vulnerabilities: information leakage, integer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2020-11525, CVE-2020-15103

OT Vulnerability Assessments - ClemTech LLC, #1 Tool Available now Trust: 3.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 15, 2021, 8:17 p.m.	Vulnerabilities: -

Affected products	External IDs

Activity Feed \| AttackerKB Trust: 4.25 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: authentication bypass, path traversal, code execution

Affected products

External IDs

vendor:	zoho corporation	model:	manageengine desktop central
vendor:	zoho	model:	manageengine desktop central

db:

NVD

ids:

CVE-2021-44515

Apple to facilitate customers fixing their own devices Trust: 3.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 17, 2021, 4:10 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

Category: Technology - Which? News Trust: 3.25 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 10, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

watch

Many Healthcare, OT Systems Exposed to Attacks by NUCLEUS:13 Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202111-1605 Trust: 5.5 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Jan. 13, 2022, midnight	Vulnerabilities: improper validation, denial of service, code execution...

Affected products

External IDs

vendor:	siemens	model:	nucleus
vendor:	siemens	model:	nucleus net

db:

NVD

ids:

CVE-2021-31886

14 BusyBox Linux Vulnerabilities Discovered (CVE-2021-42373) Trust: 4.0 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Nov. 10, 2021, 4:34 p.m.	Vulnerabilities: information leak, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-42373, CVE-2021-42386, CVE-2021-43267

Threat Encyclopedia \| FortiGuard Trust: 3.25 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Nov. 27, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

db:

FORTIGATE

ids:

FG-IR-19-060

CVE.report - Home Related entries in the VARIoT vulnerabilities database: VAR-202201-1483, VAR-202201-1471, VAR-202110-1759, VAR-202201-1479, VAR-202201-1474, VAR-202110-1760, VAR-202201-1475, VAR-202201-1522, VAR-202201-1480, VAR-202201-1476, VAR-202201-1478, VAR-202201-1481, VAR-202102-1658, VAR-202201-1482, VAR-202110-1761, VAR-202201-0897, VAR-202201-1484, VAR-202110-1762, VAR-202201-1486, VAR-202201-1477, VAR-202201-1485 Trust: 4.25 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Jan. 14, 2022, 12:40 p.m.	Vulnerabilities: request forgery, improper access control, cross-site request forgery...

Affected products

External IDs

vendor:	clamav	model:	clamav
vendor:	asus	model:	router
vendor:	asus	model:	asus
vendor:	asus	model:	rt-ax56u
vendor:	netgear	model:	router
vendor:	netgear	model:	r7000
vendor:	netgear	model:	r6260
vendor:	clam	model:	clamav
vendor:	cisco	model:	ip phone
vendor:	cisco	model:	clamav
vendor:	cisco	model:	router
vendor:	cisco	model:	guard
vendor:	cisco	model:	security manager
vendor:	cisco	model:	cisco security manager

db:

NVD

ids:

CVE-2021-34945, CVE-2021-34933, CVE-2021-34995, CVE-2021-38690, CVE-2021-34922, CVE-2021-34913, CVE-2022-0224, CVE-2022-20642, CVE-2021-38692, CVE-2021-34908, CVE-2021-34994, CVE-2021-38689, CVE-2021-34928, CVE-2021-34927, CVE-2022-0231, CVE-2021-34936, CVE-2022-22054, CVE-2021-34904, CVE-2021-34977, CVE-2021-38691, CVE-2021-34930, CVE-2021-34914, CVE-2022-20636, CVE-2021-34935, CVE-2021-46255, CVE-2022-20639, CVE-2021-34944, CVE-2021-32649, CVE-2021-38678, CVE-2022-21677, CVE-2022-0213, CVE-2021-34980, CVE-2021-34926, CVE-2022-20641, CVE-2022-20658, CVE-2021-34932, CVE-2021-34907, CVE-2021-34996, CVE-2022-23222, CVE-2022-0178, CVE-2021-34985, CVE-2021-34910, CVE-2022-20638, CVE-2022-23219, CVE-2021-34920, CVE-2021-34911, CVE-2021-38682, CVE-2022-20647, CVE-2021-34937, CVE-2022-20698, CVE-2021-36781, CVE-2021-34943, CVE-2022-22056, CVE-2021-34946, CVE-2021-34919, CVE-2021-34939, CVE-2021-34998, CVE-2022-20646, CVE-2021-34993, CVE-2022-20640, CVE-2021-39032, CVE-2021-42551, CVE-2022-23218, CVE-2021-34915, CVE-2021-34940, CVE-2021-33962, CVE-2021-34984, CVE-2022-20637, CVE-2021-34979, CVE-2022-20660, CVE-2021-34997, CVE-2021-34934, CVE-2021-34925, CVE-2021-34924, CVE-2021-34923, CVE-2021-34941, CVE-2021-34916, CVE-2021-34906, CVE-2022-20643, CVE-2021-34931, CVE-2022-21681, CVE-2021-34978, CVE-2022-20635, CVE-2021-34912, CVE-2021-34942, CVE-2021-32650, CVE-2022-20645, CVE-2022-22055, CVE-2021-34918, CVE-2021-34905, CVE-2022-20644, CVE-2022-21685, CVE-2021-38677, CVE-2021-45760, CVE-2022-21680, CVE-2021-34921, CVE-2021-34929, CVE-2021-34909, CVE-2021-34917, CVE-2021-34938

Managing IoT Security Threats and Vulnerabilities Better Trust: 3.75 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Dec. 2, 2021, 9:20 p.m.	Vulnerabilities: denial of service

Affected products	External IDs

Security vulnerabilities found in more than 150 HP multifunction printers - SiliconANGLE Trust: 3.75 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Nov. 26, 2021, 5:08 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-39238

Nucleus:13 - Critical Vulnerabilities Found Affecting the Nucleus TCP/IP Stack Trust: 3.75 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Nov. 11, 2021, 12:30 p.m.	Vulnerabilities: denial of service, information leak, code execution

Affected products

External IDs

vendor:

siemens

model:

nucleus

150+ HP Printers Vulnerable to Bugs That Could Allow 'Full Control' Trust: 4.25 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Nov. 30, 2021, 6:11 p.m.	Vulnerabilities: memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2021-39238, CVE-2021-39237

GitHub - bp2008/DahuaLoginBypass: Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication. Related entries in the VARIoT vulnerabilities database: VAR-202109-1875, VAR-202109-1874 Trust: 3.25 Fetched: Dec. 6, 2021, 1:02 p.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-33044, CVE-2021-33045

Millions of Netgear routers need security updates right away - what you need to do \| Tom's Guide Related entries in the VARIoT vulnerabilities database: VAR-202111-0632 Trust: 4.75 Fetched: Dec. 6, 2021, 12:24 p.m., Published: Nov. 18, 2021, 2:19 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	netgear	model:	orbi
vendor:	netgear	model:	rax15
vendor:	netgear	model:	r7900p
vendor:	netgear	model:	rax45
vendor:	netgear	model:	xr300
vendor:	netgear	model:	r7000p
vendor:	netgear	model:	netgear router
vendor:	netgear	model:	r6400
vendor:	netgear	model:	ex6120
vendor:	netgear	model:	rs400
vendor:	netgear	model:	r6300v2
vendor:	netgear	model:	d7000v2
vendor:	netgear	model:	r6700v3
vendor:	netgear	model:	router
vendor:	netgear	model:	wndr3400v3
vendor:	netgear	model:	r8000p
vendor:	netgear	model:	rax20
vendor:	netgear	model:	r6900p
vendor:	netgear	model:	d6220
vendor:	netgear	model:	dgn2200v4
vendor:	netgear	model:	r7850
vendor:	netgear	model:	r7000
vendor:	netgear	model:	r8300
vendor:	netgear	model:	ex6130
vendor:	netgear	model:	r8500
vendor:	netgear	model:	dc112a
vendor:	netgear	model:	r7100lg
vendor:	netgear	model:	ac1450
vendor:	netgear	model:	rax50
vendor:	netgear	model:	rax48
vendor:	netgear	model:	ex3800
vendor:	netgear	model:	wnr3500lv2
vendor:	netgear	model:	d6400
vendor:	netgear	model:	r8000
vendor:	netgear	model:	d8500
vendor:	netgear	model:	ex3700
vendor:	netgear	model:	r6400v2
vendor:	mesh	model:	mesh

db:

NVD

ids:

CVE-2021-34991

VARIoT news about IoT security