VARIoT latest news about IoT security

Software flaws in walk-through metal detectors made them hackable Trust: 3.75 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 22, 2021, 6:18 p.m.	Vulnerabilities: directory traversal, buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2021-21905, CVE-2021-21904, CVE-2021-21901, CVE-2021-21909, CVE-2021-21907, CVE-2021-21908, CVE-2021-21906, CVE-2021-21903, CVE-2021-21902

Security Advisory - Cross-Site Scripting(XSS) Vulnerability in Huawei WS318n Product Trust: 4.25 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 17, 2021, midnight	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:

huawei

model:

huawei

Tracking Device Made by Apple Showing Up in Suspected Crimes - NBC10 Philadelphia Trust: 3.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 23, 2021, 5:26 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

CVE - CVE-2021-43083 Trust: 3.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-43083

Log4Shell vulnerability assessment and potential product impact statement \| Spacelabs Healthcare Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 3.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 14, 2021, 12:13 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

New Log4j flaw: 5 reasons why organizations should worry now - ManageEngine Blog Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 5.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 20, 2021, 4:59 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

Latest Vendavo Response to Log4Shell Vulnerability - Vendavo Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562 Trust: 4.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 19, 2021, 10:15 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228, CVE-2021-45046

Microsoft details macOS vulnerability that allowed protected data access \| AppleInsider Trust: 3.75 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 12, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	icloud

Important Update on Critical Log4j Vulnerability - CVE-2021-44228 \| Arctic Wolf Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566, VAR-202112-2011 Trust: 4.5 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 29, 2021, 2:20 p.m.	Vulnerabilities: code execution, input validation vulnerability

Affected products

External IDs

vendor:

serve

model:

serve

db:

NVD

ids:

CVE-2021-45046, CVE-2021-44228, CVE-2021-44832

Knowledge Base - Is there any impact for Barco Products on the Log4Shell vulnerability? (CVE-2021-44228) - KB12495 - Barco Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 5.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

vendor:

barco

model:

clickshare

db:

NVD

ids:

CVE-2021-44228

Warning Log4j attackers are switching tactics to make money as experts say it could affect millions of devices for YEARS Trust: 3.75 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 17, 2021, 3:41 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	printer
vendor:	samsung	model:	note
vendor:	samsung	model:	samsung

Is the Ring Doorbell susceptible to the Log4j vulnerability? - Products / Video Doorbells - Ring Community Trust: 3.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 2, 2022, 2:23 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	ring	model:	video doorbells
vendor:	ring	model:	ring

Update your PC to patch 6 zero-day flaws, 90 vulnerabilities Trust: 4.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: -	Vulnerabilities: code execution, cross-site scripting

Affected products	External IDs

Cyber Week in Review: December 17, 2021 \| Council on Foreign Relations Trust: 3.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 17, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

huawei

model:

huawei

Are Endpoints at Risk for Log4Shell Attacks Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 5.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 18, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

Microsoft Windows Codecs Library RCE (January 2022) Trust: 4.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 11, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-21917

5 Critical Code Vulnerabilities To Avoid At All Cost Trust: 3.5 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 20, 2021, 10:32 a.m.	Vulnerabilities: default password, password guessing, cross-site scripting...

Affected products

External IDs

vendor:

serve

model:

serve

ESB-2021.4004.7 Related entries in the VARIoT vulnerabilities database: VAR-202109-1803, VAR-202109-1805, VAR-202109-1804, VAR-202109-1802 Trust: 5.75 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 21, 2021, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco systems	model:	cisco prime collaboration assurance
vendor:	cisco systems	model:	fxos
vendor:	cisco systems	model:	prime network
vendor:	cisco systems	model:	hosted collaboration mediation fulfillment
vendor:	cisco systems	model:	video surveillance media server
vendor:	cisco systems	model:	cisco telepresence
vendor:	cisco systems	model:	cisco policy suite
vendor:	cisco systems	model:	firepower management center
vendor:	cisco systems	model:	wide area application services
vendor:	cisco systems	model:	security manager
vendor:	cisco systems	model:	unified communications manager session management edition
vendor:	cisco systems	model:	cisco prime network services controller
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	unified communications manager im & presence service
vendor:	cisco systems	model:	cisco prime optical
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	cisco expressway
vendor:	cisco systems	model:	cisco ucs manager
vendor:	cisco systems	model:	ucs director
vendor:	cisco systems	model:	ucs central software
vendor:	cisco systems	model:	unified communications
vendor:	cisco systems	model:	virtual security gateway
vendor:	cisco systems	model:	cloud services platform
vendor:	cisco systems	model:	firepower
vendor:	cisco systems	model:	cisco prime infrastructure
vendor:	cisco systems	model:	unified communications domain manager
vendor:	cisco systems	model:	prime collaboration
vendor:	cisco systems	model:	policy suite
vendor:	cisco systems	model:	prime collaboration provisioning
vendor:	cisco systems	model:	cisco security manager
vendor:	cisco systems	model:	prime infrastructure
vendor:	cisco systems	model:	cisco cloud services platform 2100
vendor:	cisco systems	model:	prime network services controller
vendor:	cisco systems	model:	unified communications manager
vendor:	cisco systems	model:	cisco firepower management center
vendor:	cisco systems	model:	expressway
vendor:	cisco systems	model:	cisco socialminer
vendor:	cisco systems	model:	nexus
vendor:	cisco systems	model:	cisco virtual topology system
vendor:	cisco systems	model:	cisco prime collaboration provisioning
vendor:	cisco systems	model:	cisco ucs director
vendor:	cisco systems	model:	virtual topology system
vendor:	cisco systems	model:	ucs manager
vendor:	cisco systems	model:	dna center
vendor:	cisco systems	model:	cisco unified communications domain manager
vendor:	cisco systems	model:	smart net total care
vendor:	cisco systems	model:	cisco prime collaboration
vendor:	cisco systems	model:	telepresence
vendor:	cisco systems	model:	cisco prime network
vendor:	cisco systems	model:	expressway series
vendor:	cisco systems	model:	prime collaboration assurance
vendor:	cisco systems	model:	cisco unified communications manager
vendor:	cisco systems	model:	cloud services platform 2100
vendor:	cisco systems	model:	socialminer
vendor:	cisco systems	model:	cisco hosted collaboration mediation fulfillment
vendor:	cisco systems	model:	prime optical
vendor:	cisco systems	model:	firepower threat defense
vendor:	cisco	model:	cisco prime collaboration assurance
vendor:	cisco	model:	fxos
vendor:	cisco	model:	prime network
vendor:	cisco	model:	hosted collaboration mediation fulfillment
vendor:	cisco	model:	video surveillance media server
vendor:	cisco	model:	cisco telepresence
vendor:	cisco	model:	cisco policy suite
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	wide area application services
vendor:	cisco	model:	security manager
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	cisco prime network services controller
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	unified communications manager im & presence service
vendor:	cisco	model:	cisco prime optical
vendor:	cisco	model:	series
vendor:	cisco	model:	cisco expressway
vendor:	cisco	model:	cisco ucs manager
vendor:	cisco	model:	ucs director
vendor:	cisco	model:	ucs central software
vendor:	cisco	model:	unified communications
vendor:	cisco	model:	virtual security gateway
vendor:	cisco	model:	cloud services platform
vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco prime infrastructure
vendor:	cisco	model:	unified communications domain manager
vendor:	cisco	model:	prime collaboration
vendor:	cisco	model:	policy suite
vendor:	cisco	model:	prime collaboration provisioning
vendor:	cisco	model:	cisco security manager
vendor:	cisco	model:	prime infrastructure
vendor:	cisco	model:	cisco cloud services platform 2100
vendor:	cisco	model:	prime network services controller
vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	expressway
vendor:	cisco	model:	cisco socialminer
vendor:	cisco	model:	nexus
vendor:	cisco	model:	cisco virtual topology system
vendor:	cisco	model:	cisco prime collaboration provisioning
vendor:	cisco	model:	cisco ucs director
vendor:	cisco	model:	virtual topology system
vendor:	cisco	model:	ucs manager
vendor:	cisco	model:	dna center
vendor:	cisco	model:	cisco unified communications domain manager
vendor:	cisco	model:	smart net total care
vendor:	cisco	model:	cisco prime collaboration
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	cisco prime network
vendor:	cisco	model:	expressway series
vendor:	cisco	model:	prime collaboration assurance
vendor:	cisco	model:	cisco unified communications manager
vendor:	cisco	model:	cloud services platform 2100
vendor:	cisco	model:	socialminer
vendor:	cisco	model:	cisco hosted collaboration mediation fulfillment
vendor:	cisco	model:	prime optical
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-39275, CVE-2021-34798, CVE-2021-36160, CVE-2021-40438, CVE-2021-33193

Researchers Find Four Security Flaws Affecting Microsoft Teams Trust: 5.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 23, 2021, 11:28 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

node.js

model:

node.js

Microsoft Patch Tuesday - January 2022 - Lansweeper Related entries in the VARIoT vulnerabilities database: VAR-202201-0640, VAR-202201-0580, VAR-202107-1503, VAR-202109-1789 Trust: 3.0 Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 11, 2022, 7:06 p.m.	Vulnerabilities: security feature bypass, denial of service, code execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-21858, CVE-2022-21841, CVE-2022-21865, CVE-2022-21892, CVE-2022-21875, CVE-2022-21874, CVE-2022-21857, CVE-2022-21870, CVE-2022-21885, CVE-2022-21963, CVE-2022-21961, CVE-2022-21883, CVE-2022-21958, CVE-2022-21868, CVE-2022-21879, CVE-2022-21918, CVE-2022-21877, CVE-2022-21860, CVE-2022-21919, CVE-2022-21898, CVE-2022-21896, CVE-2022-21859, CVE-2022-21962, CVE-2022-21915, CVE-2022-21869, CVE-2022-21891, CVE-2022-21884, CVE-2022-21881, CVE-2022-21890, CVE-2022-21836, CVE-2022-21922, CVE-2022-21897, CVE-2022-21871, CVE-2022-21848, CVE-2022-21932, CVE-2022-21917, CVE-2022-21840, CVE-2022-21847, CVE-2022-21882, CVE-2022-21863, CVE-2022-21878, CVE-2022-21861, CVE-2022-21843, CVE-2022-21852, CVE-2022-21851, CVE-2022-21916, CVE-2022-21928, CVE-2022-21913, CVE-2022-21895, CVE-2022-21837, CVE-2022-21839, CVE-2022-21900, CVE-2022-21912, CVE-2022-21907, CVE-2022-21911, CVE-2022-21846, CVE-2022-21889, CVE-2022-21834, CVE-2022-21920, CVE-2022-21904, CVE-2021-36976, CVE-2022-21855, CVE-2022-21914, CVE-2022-21960, CVE-2022-21880, CVE-2022-21862, CVE-2022-21849, CVE-2022-21864, CVE-2022-21866, CVE-2022-21842, CVE-2022-21921, CVE-2022-21833, CVE-2022-21906, CVE-2022-21899, CVE-2022-21908, CVE-2022-21910, CVE-2021-22947, CVE-2022-21835, CVE-2022-21924, CVE-2022-21905, CVE-2022-21903, CVE-2022-21893, CVE-2022-21894, CVE-2022-21888, CVE-2022-21873, CVE-2022-21838, CVE-2022-21964, CVE-2022-21876, CVE-2022-21872, CVE-2022-21969, CVE-2022-21850, CVE-2022-21901, CVE-2022-21887, CVE-2022-21902, CVE-2022-21959, CVE-2022-21867, CVE-2022-21925

VARIoT news about IoT security