Sign-up

VARIoT news about IoT security

CVE - CVE-2022-23039

Trust: 5.75

Fetched: June 1, 2022, 8:58 a.m., Published: June 3, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: ring model: ring
db: NVD ids: CVE-2022-23039, CVE-2022-23037, CVE-2022-23038, CVE-2022-23041, CVE-2022-23040, CVE-2022-23042, CVE-2022-23036

Authenticated F5 BIG-IP Guided Configuration in Appliance mode vulnerability CVE-2022-27806

Related entries in the VARIoT vulnerabilities database: VAR-202205-0359

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: -
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2022-27806

Authenticated F5 BIG-IP Guided Configuration integrity check in Appliance mode vulnerability CVE-2022-25946

Related entries in the VARIoT vulnerabilities database: VAR-202205-0398

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-25946

Repeatable Failures:AMI UsbRt - Six years later, firmware attack vector still affect millions of enterprise devices

Related entries in the VARIoT vulnerabilities database: VAR-202203-0823, VAR-202203-1379, VAR-202203-0927, VAR-201710-0955

Trust: 5.25

Fetched: June 1, 2022, 8:58 a.m., Published: June 16, 2022, midnight
 Vulnerabilities: memory corruption, input validation vulnerability, code execution
Affected productsExternal IDs
vendor: lenovo model: system
vendor: lenovo model: bios
vendor: lenovo model: updates
vendor: dell model: bios
db: NVD ids: CVE-2022-24421, CVE-2022-24420, CVE-2022-24419, CVE-2017-5721, CVE-2020-12301

Smart devices could leave your home vulnerable to security threats - CBS New York

Trust: 4.75

Fetched: June 1, 2022, 8:58 a.m., Published: April 19, 2022, 11:39 p.m.
 Vulnerabilities: default password, brute force attack
Affected productsExternal IDs
vendor: ring model: ring

Critical vulnerabilities open Synology, QNAP NAS devices to attack - Help Net Security

Related entries in the VARIoT vulnerabilities database: VAR-202105-1166

Trust: 4.5

Fetched: June 1, 2022, 8:58 a.m., Published: April 29, 2022, 9:26 a.m.
 Vulnerabilities: code execution, information disclosure
Affected productsExternal IDs
vendor: serve model: serve
vendor: synology model: diskstation manager
vendor: synology model: diskstation
vendor: netatalk model: netatalk
db: NVD ids: CVE-2021-31439, CVE-2022-23122, CVE-2022-23121, CVE-2022-23124, CVE-2022-0194, CVE-2022-23125, CVE-2022-23123

Zyxel firewall, VPN device vulnerabilities addressed

Related entries in the VARIoT vulnerabilities database: VAR-202203-1898

Trust: 5.5

Fetched: June 1, 2022, 8:58 a.m., Published: April 1, 2022, 5:10 p.m.
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
vendor: zyxel model: zywall
db: NVD ids: CVE-2022-1040, CVE-2022-26871, CVE-2022-0342

Authenticated iControl REST in Appliance mode vulnerability CVE-2022-26415

Related entries in the VARIoT vulnerabilities database: VAR-202205-0135

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-26415

Bluetooth Security Vulnerability: The Ultimate Manual

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: March 31, 2022, 3 p.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: motorola model: motorola
vendor: motorola model: android

F5, Cisco issue patches for serious product vulnerabilities • The Register

Related entries in the VARIoT vulnerabilities database: VAR-202205-0175, VAR-202205-0394, VAR-202205-0173, VAR-202205-0174

Trust: 3.75

Fetched: June 1, 2022, 8:58 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-20777, CVE-2022-1388, CVE-2022-20780, CVE-2022-20779

Your Apple device could be hacked if not updated: CERT advisory

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: May 22, 2022, 10:22 a.m.
 Vulnerabilities: system crash, denial of service
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: mac os

Chrome Zero-Day: Find Devices With Vulnerabilities Across Your Inventory

Related entries in the VARIoT vulnerabilities database: VAR-202203-1921

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: June 1, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
vendor: trend model: security
db: NVD ids: CVE-2022-1096

Git security vulnerability announced | The GitHub Blog

Related entries in the VARIoT vulnerabilities database: VAR-202204-0692

Trust: 4.0

Fetched: June 1, 2022, 8:58 a.m., Published: April 12, 2022, 5:51 p.m.
 Vulnerabilities: arbitrary command execution, directory traversal, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-24767, CVE-2022-24765

Chrome Zero Day: Find vulnerable devices for patching - YouTube

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: March 30, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome

Patch Management vs. Vulnerability Management - JumpCloud

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: March 17, 2022, 6 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

TLStorm vulnerabilities detected in APC Smart-UPS devices used across data centers, industrial facilities, hospitals - Industrial Cyber

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: March 11, 2022, 12:43 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: schneider electric model: monitor
vendor: schneider model: monitor

NVD - CVE-2022-23042

Trust: 5.75

Fetched: June 1, 2022, 8:58 a.m., Published: June 3, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: ring model: ring
db: NVD ids: CVE-2022-23039, CVE-2022-23037, CVE-2022-23038, CVE-2022-23041, CVE-2022-23040, CVE-2022-23042, CVE-2022-23036

Cisco Patches 11 High-Severity Vulnerabilities in Security Products | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202204-2027

Trust: 5.75

Fetched: June 1, 2022, 8:58 a.m., Published: June 11, 2022, midnight
 Vulnerabilities: privilege escalation, denial of service
Affected productsExternal IDs
vendor: cisco model: firepower threat defense
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: firepower management center
vendor: cisco model: telepresence
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: expressway
db: NVD ids: CVE-2022-20746

Cybersecurity vulnerability ensnares imaging, radiation therapy firms

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: March 10, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Armis Finds Three Critical Zero-Day Vulnerabilities in APC Smart-UPS Devices, Dubbed "TLStorm," Exposing More than 20 Million Enterprise Devices

Related entries in the VARIoT vulnerabilities database: VAR-202203-0236, VAR-202203-0237, VAR-202203-0235, VAR-202108-1890

Trust: 4.25

Fetched: June 1, 2022, 8:58 a.m., Published: March 8, 2022, 11 a.m.
 Vulnerabilities: buffer overflow, memory corruption, code execution...
Affected productsExternal IDs
vendor: schneider electric model: monitor
vendor: schneider model: monitor
db: NVD ids: CVE-2022-22806, CVE-2022-22805, CVE-2022-0715, CVE-2021-37160