Sign-up

VARIoT news about IoT security

Multiple Vulnerabilities Affecting Bluetooth Devices

Related entries in the VARIoT vulnerabilities database: VAR-202109-0564

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 31, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-34145, CVE-2021-34144, CVE-2021-31611, CVE-2021-34146, CVE-2021-31612, CVE-2021-28136, CVE-2021-28139, CVE-2021-34148, CVE-2021-31610, CVE-2021-28155, CVE-2021-31785, CVE-2021-34150, CVE-2021-34143, CVE-2021-31717, CVE-2021-31613, CVE-2021-34149, CVE-2021-31609, CVE-2021-34147, CVE-2021-28135, CVE-2021-31786

Millions of IoT Devices Using ‘ThroughTek Kalay Network’ Vulnerable to Eavesdropping

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 9:54 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-28372

Multiple Vulnerabilities Affecting Bluetooth Devices

Related entries in the VARIoT vulnerabilities database: VAR-202109-0564

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 31, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-34145, CVE-2021-34144, CVE-2021-31611, CVE-2021-34146, CVE-2021-31612, CVE-2021-28136, CVE-2021-28139, CVE-2021-34148, CVE-2021-31610, CVE-2021-28155, CVE-2021-31785, CVE-2021-34150, CVE-2021-34143, CVE-2021-31717, CVE-2021-31613, CVE-2021-34149, CVE-2021-31609, CVE-2021-34147, CVE-2021-28135, CVE-2021-31786

Are your home security cameras vulnerable to hacking? - CNET

Trust: 3.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: amazon model: echo show
vendor: comcast model: xfinity
vendor: comcast model: comcast xfinity
vendor: ring model: ring
vendor: google model: home

Google alerts users of four high-level vulnerabilities, urges them to update Chrome now - JoyofAndroid.com

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 10, 2021, 10:36 p.m.
 Vulnerabilities: buffer overflow, use after free
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2021-37979, CVE-2021-37980, CVE-2021-37977, CVE-2021-37978

Server Hardening Policy: Examples and Tips

Trust: 3.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 3, 2021, midnight
 Vulnerabilities: account lockout, address change vulnerability
Affected productsExternal IDs
vendor: cisco model: cisco routers
vendor: cisco model: routers
vendor: cisco model: technical support
vendor: cisco model: secure desktop

(3) Billions of Android devices have been exposed to hacks through Bluetooth - PhoneArena

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 9, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: optiplex

BleepingComputer.com - Technology news and support

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 20, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: sonos model: sonos
vendor: cisco model: routers

Website Vulnerability Scanner - Online Tools for Web Vulnerabilities

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: command injection, remote file inclusion, sql injection...
Affected productsExternal IDs

WinRAR vulnerability allowed attackers to remotely hijack systems

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 22, 2021, 3:17 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-35052

IoT -Security: Critical Vulnerability Affecting Millions of Devices - SMART INDUSTRY

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 23, 2021, 4:01 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Zero-day vulnerabilities in Victure baby monitors allow hackers to spy on families remotely. Parents should turn off these devices

Trust: 3.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 3, 2021, 4:11 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

How hackers exploited RCE vulnerabilities in Atlassian, Azure

Trust: 5.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 13, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: barracuda model: barracuda
vendor: barracuda networks model: barracuda
db: NVD ids: CVE-2021-38647, CVE-2021-26084

Home - Securing Tomorrow. Today. | McAfee Blogs

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 16, 2021, 4:38 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: squid model: squid

Sonic.net • Strange device connected to my Wi-Fi... am I vulnerable to hacking?

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 5, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks | Cyware Alerts - Hacker News

Trust: 3.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 4, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Problems Fixing Critically Vulnerable Hikvision Devices

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 21, 2021, 2:39 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hikvision model: hikvision

10 Tips to Tighten Security on Your Android Device - Hongkiat

Trust: 3.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 4, 2021, 1:01 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone
vendor: google model: android

Millions of IoT devices vulnerable to remote vulnerabilities

Trust: 6.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 20, 2021, 7:58 a.m.
 Vulnerabilities: command injection, buffer overflow, code execution
Affected productsExternal IDs
vendor: realtek model: realtek sdk
db: NVD ids: CVE-2021-35394, CVE-2021-28372, CVE-2021-35392, CVE-2021-35393, CVE-2021-35395
db: ICS CERT ids: ICSA-21-229-01
db: US CERT ids: ICSA-21-229-01

Security Advisory: Vulnerabilities in Crestron Touch Panel Devices

Related entries in the VARIoT vulnerabilities database: VAR-201808-0436

Trust: 5.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 7, 2022, 6:34 p.m.
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
vendor: crestron model: tsw-760
vendor: crestron model: toolbox protocol
db: NVD ids: CVE-2018-13341