VARIoT latest news about IoT security

Cisco Patches Critical Vulnerabilities in IOS XE Software \| SecurityWeek.Com Related entries in the VARIoT vulnerabilities database: VAR-202109-0245 Trust: 5.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 16, 2022, midnight	Vulnerabilities: denial of service, buffer overflow, code execution

Affected products

External IDs

vendor:	cisco	model:	catalyst 9800
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	series integrated services routers
vendor:	cisco	model:	cloud services router
vendor:	cisco	model:	cloud services router 1000v
vendor:	cisco	model:	integrated services routers
vendor:	cisco	model:	routers
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	1000v
vendor:	cisco	model:	series switches
vendor:	cisco	model:	router
vendor:	cisco	model:	access points
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2021-34770, CVE-2021-1619, CVE-2021-34727

Security Advisory - Improper Authorization Vulnerability in Some Huawei Products Related entries in the VARIoT vulnerabilities database: VAR-202109-1642 Trust: 5.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 8, 2021, midnight	Vulnerabilities: authorization vulnerability, code execution

Affected products

External IDs

vendor:

huawei

model:

huawei

db:

NVD

ids:

CVE-2021-37101

VMware issues details of emergency actions that need taking to address a critical security vulnerability Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 24, 2021, 8:35 a.m.	Vulnerabilities: privilege escalation, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-22005

What Medical Device Vendors Can Learn From Past Cybersecurity Vulnerability Disclosures \| October 19, 2021 \| Engineering360 Webinars Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 19, 2021, midnight	Vulnerabilities: -

Affected products	External IDs

Realtek vulnerabilities compromise hundreds of thousands of routers, IoT devices \| TechRadar Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 16, 2021, 3:19 p.m.	Vulnerabilities: memory corruption, command injection

Affected products

External IDs

vendor:	asus	model:	asus
vendor:	realtek	model:	sdk
vendor:	realtek	model:	realtek sdk

Patch this AMD CPU vulnerability now, users warned \| TechRadar Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 20, 2021, 1:16 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-26333

Local Privilege Escalation Vulnerability (0-day) in all Windows Versions \| Born's Tech and Windows World Related entries in the VARIoT vulnerabilities database: VAR-202108-1005 Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 29, 2021, 3:33 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2021-34484

Critical Bug Could Allow Remote Snooping Via Millions of Devices - Infosecurity Magazine Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 10:06 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28372

Honeywell Critical Vulnerabilities Discovered in Experion PKS Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 7, 2021, 11:17 a.m.	Vulnerabilities: denial of service, path traversal, code execution

Affected products

External IDs

vendor:	honeywell	model:	experion process knowledge system
vendor:	honeywell	model:	honeywell experion process knowledge system
vendor:	honeywell	model:	experion

Millions of IoT Devices Vulnerable to Cloud Platform Flaws Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 3:20 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28372

Millions Of IOT Devices Are Identified with Critical Vulnerability - CyberWorkx Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 4:39 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28372

Update your Apple devices now. New Pegasus hack prompts company to issue new software to fix iMessage vulnerability. Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 13, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

apple

model:

iphone

Microsoft acknowledges Windows zero-day vulnerability based on malicious Office files - OnMSFT.com Related entries in the VARIoT vulnerabilities database: VAR-202109-1909 Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 8, 2021, 2:27 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-40444

Realtek-based routers, smart devices are being gobbled up by a voracious botnet \| Malwarebytes Labs Related entries in the VARIoT vulnerabilities database: VAR-202104-0768 Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 24, 2021, 1:36 p.m.	Vulnerabilities: denial of service, command injection

Affected products

External IDs

vendor:	orange	model:	web server
vendor:	huawei	model:	huawei
vendor:	belkin	model:	router
vendor:	asustek	model:	asus
vendor:	asustek	model:	router
vendor:	asus	model:	asus
vendor:	asus	model:	router
vendor:	d-link	model:	router
vendor:	realtek	model:	realtek sdk
vendor:	buffalo	model:	router
vendor:	netgear	model:	router

db:

NVD

ids:

CVE-2021-35395, CVE-2021-20090

Multiple attempts to exploit Realtek vulnerabilities discovered by our researchers - SAM Seamless Network Related entries in the VARIoT vulnerabilities database: VAR-202104-0768 Trust: 5.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 19, 2021, 2:31 p.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:	paloaltonetworks	model:	networks
vendor:	paloaltonetworks	model:	palo alto networks
vendor:	palo	model:	networks
vendor:	palo	model:	palo alto networks
vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	palo alto networks
vendor:	realtek	model:	realtek sdk

db:

NVD

ids:

CVE-2021-35395, CVE-2021-20090

Here's how hackers exploit IoT device vulnerabilities to invade hardware Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 19, 2021, 9:50 a.m.	Vulnerabilities: -

Affected products	External IDs

Update Your Apple Devices to Avoid This Zero-Click Malware \| Tech.co Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, 8:33 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

Severe Bugs in Realtek SDK Affects Around Millions of IoT Devices Trust: 6.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 17, 2021, 7:18 p.m.	Vulnerabilities: buffer overflow, command execution, memory corruption...

Affected products

External IDs

vendor:

realtek

model:

realtek sdk

db:

NVD

ids:

CVE-2021-35394, CVE-2021-35393, CVE-2021-35392, CVE-2021-35395

CVE-2021-30860: Fix Your Apple Device against the FORCEDENTRY Zero-Day Related entries in the VARIoT vulnerabilities database: VAR-202108-1057 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, 10:16 a.m.	Vulnerabilities: integer overflow, buffer overflow, code execution

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	watchos

db:

NVD

ids:

CVE-2019-3568, CVE-2021-30860

65 vendors affected by severe vulnerabilities in Realtek chips - Help Net Security Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 16, 2021, 10:36 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	asustek	model:	wireless routers
vendor:	realtek	model:	realtek sdk

db:

NVD

ids:

CVE-2021-35394, CVE-2021-35393, CVE-2021-35392, CVE-2021-35395

VARIoT news about IoT security