Sign-up

VARIoT news about IoT security

Netgear patches severe pre-auth RCE in 61 router and modem models - The Record by Recorded Future

Trust: 3.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 17, 2021, 1:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: netgear model: router

Netgear Patches Code Execution Vulnerability Affecting Many Products | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202111-0632

Trust: 5.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: netgear model: netgear router
vendor: netgear model: netgear router firmware
vendor: netgear model: router
db: NVD ids: CVE-2021-34991

13 critical Nucleus TCP/IP flaws pose denial-of-service risk to medical devices

Related entries in the VARIoT vulnerabilities database: VAR-202103-0365

Trust: 4.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 15, 2021, 12:20 p.m.
 Vulnerabilities: code execution, improper validation
Affected productsExternal IDs
vendor: siemens model: nucleus net
vendor: siemens model: nucleus
db: NVD ids: CVE-2016-20009

Apple Patches Vulnerabilities in iOS Exploited by Spyware | eSecurityPlanet

Related entries in the VARIoT vulnerabilities database: VAR-202108-1057

Trust: 4.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 15, 2021, 12:18 a.m.
 Vulnerabilities: integer overflow, code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: watch
vendor: apple model: ipad
db: NVD ids: CVE-2021-30860

Intel Vulnerabilities: Bios Bugs Put Cars, Laptops, Devices at Risk to Hackers - MSSP Alert

Related entries in the VARIoT vulnerabilities database: VAR-202111-1193

Trust: 4.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 16, 2021, 2:07 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tesla model: model 3
vendor: tesla model: model
db: NVD ids: CVE-2021-0158

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability - Microsoft Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 4.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 15, 2021, 11:40 p.m.
 Vulnerabilities: code execution, path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2021-40444

Best-selling router ships with vulnerable firmware

Trust: 5.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 2, 2021, 2:44 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: tp-link model: archer c50

BotenaGo botnet targets millions of IoT devices with 33 exploits

Related entries in the VARIoT vulnerabilities database: VAR-201905-0651, VAR-202003-1707, VAR-202007-1256, VAR-202003-0363, VAR-202007-0064, VAR-201403-0306, VAR-201502-0201, VAR-201702-0952, VAR-201612-0015, VAR-201703-1017, VAR-202001-0633, VAR-201704-0303

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 11, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: comtrend model: vr-3033
vendor: realtek model: realtek sdk
db: NVD ids: CVE-2017-18368, CVE-2020-9054, CVE-2020-9377, CVE-2020-10173, CVE-2016-11021, CVE-2020-10987, CVE-2014-2321, CVE-2015-2051, CVE-2020-8958, CVE-2017-6077, CVE-2016-6277, CVE-2017-6334, CVE-2019-19824, CVE-2016-1555
db: POSIVITIVE TECHNOLOGY ids: ID:10

Industrial Cybersecurity Safety, Vulnerability Disclosure

Trust: 3.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 17, 2021, 2 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: codesys model: codesys
vendor: codesys model: control
vendor: schneider model: concept
vendor: schneider electric model: concept

What is a Vulnerability? | UpGuard

Trust: 3.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Dec. 15, 2021, midnight
 Vulnerabilities: request forgery, cross-site request forgery, cross-site scripting...
Affected productsExternal IDs

Are the Razer Phones affected by the zero-day vulnerability?

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 30, 2021, 12:56 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

BotenaGo Malware Uses More Than 30 Various Exploits | Millions of IoT Devices Are Vulnerable | Tech Times

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 16, 2021, 7:30 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Critical security vulnerabilities put millions of healthcare devices at risk | TechRadar

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 10, 2021, 4:15 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: siemens model: nucleus

Google Bolsters Android Enterprise Security Via New Vulnerability Program | ProgrammableWeb

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Oct. 22, 2021, 7:14 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android

Microsoft Warns of SIP-Bypassing ‘Shrootless’ macOS Vulnerability

Trust: 3.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 2, 2021, 12:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos

Critical security vulnerabilities put millions of healthcare devices at risk | TechRadar

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 10, 2021, 4:15 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: siemens model: nucleus

Bluetooth Vulnerability: Arbitrary Code Execution On The ESP32, Among Others | Hackaday

Trust: 4.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 23, 2021, 11 a.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs

New series of Bluetooth vulnerabilities discovered that could put millions of Windows and Android devices worldwide in trouble - latest news today blogtuan.info

Trust: 4.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 15, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: optiplex
db: NVD ids: CVE-2021-28139

CVE - CVE-2021-34748

Related entries in the VARIoT vulnerabilities database: VAR-202110-0209

Trust: 5.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: injection attack, command injection
Affected productsExternal IDs
vendor: cisco systems model: cisco systems
vendor: cisco model: cisco systems
db: NVD ids: CVE-2021-34748

Critical security vulnerabilities put millions of healthcare devices at risk | TechRadar

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 10, 2021, 4:15 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: siemens model: nucleus