VARIoT latest news about IoT security

BotenaGo Malware Posts Major Threat to Routers, IoT Devices: How to Prevent Potential Attack \| iTech Post Trust: 3.75 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 17, 2021, 9:52 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

home

Vulnerabilities in MediaTek chips expose millions of Android devices to eavesdropping - BBC Tech Update Trust: 3.0 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 24, 2021, 5:08 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

Philips Patient Monitoring Devices (Update B) \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202009-0606, VAR-202009-0607, VAR-202009-0602, VAR-202009-0604, VAR-202009-0605, VAR-202009-0603, VAR-202009-0608, VAR-202009-0595 Trust: 5.75 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: cross-site scripting, improper validation, service crash

Affected products

External IDs

vendor:

philips

model:

intellivue patient monitors mx100

db:

NVD

ids:

CVE-2020-16220, CVE-2020-16222, CVE-2020-16212, CVE-2020-16216, CVE-2020-16218, CVE-2020-16214, CVE-2020-16224, CVE-2020-16228

Smart Home Devices. More Security Vulnerabilities. Daniel Wroclawski, Consumer Reports. Cybercrime Magazine podcast Trust: 3.0 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 22, 2021, 7:36 p.m.	Vulnerabilities: -

Affected products	External IDs

NVD - CVE-2021-40125 Related entries in the VARIoT vulnerabilities database: VAR-202110-1402 Trust: 5.25 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Jan. 2, 2022, midnight	Vulnerabilities: use after free, denial of service

Affected products

External IDs

vendor:	cisco systems	model:	cisco adaptive security appliance
vendor:	cisco systems	model:	asa_5545-x_firmware
vendor:	cisco systems	model:	firepower
vendor:	cisco systems	model:	firepower_threat_defense
vendor:	cisco systems	model:	asa_5580
vendor:	cisco systems	model:	asa_5505_firmware
vendor:	cisco systems	model:	asa_5555-x_firmware
vendor:	cisco systems	model:	asa_5585-x
vendor:	cisco systems	model:	firepower threat defense
vendor:	cisco systems	model:	asa_5580_firmware
vendor:	cisco systems	model:	adaptive security appliance
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	adaptive_security_appliance
vendor:	cisco systems	model:	asa_5585-x_firmware
vendor:	cisco systems	model:	asa_5525-x_firmware
vendor:	cisco systems	model:	asa_5505
vendor:	cisco systems	model:	asa_5512-x_firmware
vendor:	cisco systems	model:	asa_5515-x_firmware
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	asa_5545-x_firmware
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower_threat_defense
vendor:	cisco	model:	asa_5580
vendor:	cisco	model:	asa_5505_firmware
vendor:	cisco	model:	asa_5555-x_firmware
vendor:	cisco	model:	asa_5585-x
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	asa_5580_firmware
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	adaptive_security_appliance
vendor:	cisco	model:	asa_5585-x_firmware
vendor:	cisco	model:	asa_5525-x_firmware
vendor:	cisco	model:	asa_5505
vendor:	cisco	model:	asa_5512-x_firmware
vendor:	cisco	model:	asa_5515-x_firmware

db:

NVD

ids:

CVE-2021-40125

NVD - CVE-2021-34787 Related entries in the VARIoT vulnerabilities database: VAR-202110-1354 Trust: 3.5 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco systems	model:	cisco adaptive security appliance
vendor:	cisco systems	model:	asa_5545-x_firmware
vendor:	cisco systems	model:	firepower
vendor:	cisco systems	model:	firepower_threat_defense
vendor:	cisco systems	model:	asa_5580
vendor:	cisco systems	model:	asa_5505_firmware
vendor:	cisco systems	model:	asa_5555-x_firmware
vendor:	cisco systems	model:	asa_5585-x
vendor:	cisco systems	model:	firepower threat defense
vendor:	cisco systems	model:	asa_5580_firmware
vendor:	cisco systems	model:	adaptive security appliance
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	adaptive_security_appliance
vendor:	cisco systems	model:	asa_5585-x_firmware
vendor:	cisco systems	model:	asa_5525-x_firmware
vendor:	cisco systems	model:	asa_5505
vendor:	cisco systems	model:	asa_5512-x_firmware
vendor:	cisco systems	model:	asa_5515-x_firmware
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	asa_5545-x_firmware
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower_threat_defense
vendor:	cisco	model:	asa_5580
vendor:	cisco	model:	asa_5505_firmware
vendor:	cisco	model:	asa_5555-x_firmware
vendor:	cisco	model:	asa_5585-x
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	asa_5580_firmware
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	adaptive_security_appliance
vendor:	cisco	model:	asa_5585-x_firmware
vendor:	cisco	model:	asa_5525-x_firmware
vendor:	cisco	model:	asa_5505
vendor:	cisco	model:	asa_5512-x_firmware
vendor:	cisco	model:	asa_5515-x_firmware

db:

NVD

ids:

CVE-2021-34787

Positive Technologies Discovers Vulnerability in Intel Processors used in Laptops, Cars and Other devices - Global Security Mag Online Trust: 4.75 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 15, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	tesla	model:	model 3
vendor:	tesla	model:	model

db:

NVD

ids:

CVE-2021-0146

71 Windows vulnerabilities \| Kaspersky official blog Related entries in the VARIoT vulnerabilities database: VAR-202110-1687 Trust: 5.0 Fetched: Nov. 25, 2021, 9:59 a.m., Published: -	Vulnerabilities: privilege escalation, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-41338, CVE-2021-40469, cve-2021-40449, CVE-2021-40449, CVE-2021-41335

Command Injection Vulnerability \| Security Advisory \| Hikvision Trust: 4.25 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: command injection

Affected products

External IDs

vendor:

hikvision

model:

hikvision

CVE - CVE-2021-40123 Related entries in the VARIoT vulnerabilities database: VAR-202110-0617 Trust: 3.75 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco systems	model:	cisco identity services engine
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	identity services engine
vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	identity services engine

db:

NVD

ids:

CVE-2021-40123

Over 30% of Android devices have eavesdropping vulnerabilities, MediaTek is releasing an update to fix the vulnerabilities Trust: 4.0 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 25, 2021, 9:09 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2021-0663, CVE-2021-0673, CVE-2021-0661, CVE-2021-0662

Linux Vulnerabilities of the Week: November 15, 2021 - SYXSENSE Trust: 3.75 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 16, 2021, 4:34 p.m.	Vulnerabilities: machine crash, code execution, system crash...

Affected products

External IDs

db:

NVD

ids:

CVE-2021-42008, CVE-2021-42574, CVE-2021-42252, CVE-2021-3778, CVE-2021-42739

Researchers Finds Security Flaw Affecting 37% of Smartphones \| PCMag Trust: 5.75 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Jan. 11, 2022, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	xiaomi	model:	miui
vendor:	xiaomi	model:	redmi
vendor:	vivo	model:	vivo
vendor:	check point	model:	check point

db:

NVD

ids:

CVE-2021-0663, CVE-2021-0662, CVE-2021-0673, CVE-2021-0661

Cisco security devices vulnerability: Positive Technologies - InfotechLead Related entries in the VARIoT vulnerabilities database: VAR-202007-1057, VAR-202005-0696, VAR-202005-0685, VAR-202110-1796 Trust: 6.0 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 22, 2021, 4:13 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	device manager
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	adaptive security appliance

db:

NVD

ids:

CVE-2020-3452, CVE-2020-3259, CVE-2020-3187, CVE-2021-34704

Security Vulnerabilities fixed in Firefox 93 - Mozilla Trust: 3.75 Fetched: Nov. 25, 2021, 9:59 a.m., Published: April 3, 2021, midnight	Vulnerabilities: memory leak, memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2021-38500, CVE-2021-38499, CVE-2021-38497, CVE-2021-38501, CVE-2021-32810, CVE-2021-38496, CVE-2021-38498

Intel Processor Vulnerability Comprises Encryption Security Trust: 4.25 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 22, 2021, 12:11 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-0146

Vulnerability In Cisco Security Devices Is Dangerous For Business Processes In Large Companies Related entries in the VARIoT vulnerabilities database: VAR-202005-0696, VAR-202005-0685, VAR-202110-1796 Trust: 5.5 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 22, 2021, 5:31 p.m.	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	device manager
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2020-3259, CVE-2020-3187, CVE-2021-34704

These cybersecurity vulnerabilities could leave millions of connected medical devices open to attack. - Kreesna.com Related entries in the VARIoT vulnerabilities database: VAR-202111-1616, VAR-202111-1605, VAR-202111-1604 Trust: 6.25 Fetched: Nov. 25, 2021, 9:59 a.m., Published: -	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:	siemens	model:	nucleus
vendor:	siemens	model:	nucleus net

db:

NVD

ids:

CVE-2021-31888, CVE-2021-31886, CVE-2021-31887

Serious Vulnerabilities Found in Wi-Fi Module Designed for Critical Industrial Applications \| SecurityWeek.Com Trust: 4.75 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Jan. 14, 2022, midnight	Vulnerabilities: file inclusion, os command injection, local file inclusion...

Affected products

External IDs

vendor:

cisco

model:

series

Vulnerability in MediaTek chips used in Android smartphones \| Born's Tech and Windows World Trust: 3.5 Fetched: Nov. 25, 2021, 9:59 a.m., Published: Nov. 24, 2021, 3:12 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	vivo	model:	vivo
vendor:	check point	model:	check point

db:

NVD

ids:

CVE-2021-0663, CVE-2021-0662, CVE-2021-0673, CVE-2021-0661

VARIoT news about IoT security