VARIoT latest news about IoT security

How Telecom Providers Can Prevent IoT Attacks \| Toolbox Tech Trust: 3.75 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Oct. 26, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

mesh

model:

mesh

Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating \| Ars Technica Trust: 5.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 12, 2022, midnight	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	palo alto networks	model:	palo alto networks
vendor:	palo alto networks	model:	palo alto networks globalprotect
vendor:	palo alto networks	model:	networks globalprotect
vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	pan-os
vendor:	palo	model:	palo alto networks
vendor:	palo	model:	palo alto networks globalprotect
vendor:	palo	model:	networks globalprotect
vendor:	palo	model:	networks
vendor:	palo	model:	firewall
vendor:	palo	model:	pan-os

db:

NVD

ids:

CVE-2021-3064

25th October - Threat Intelligence Report - Check Point Research Trust: 4.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Oct. 25, 2021, 12:13 p.m.	Vulnerabilities: code execution, memory corruption

Affected products

External IDs

vendor:	google	model:	android
vendor:	check point	model:	check point

db:

NVD

ids:

CVE-2021-41355, CVE-2017-11882, CVE-2020-0951

Vulnerability Discovered in Ubiquiti Inc. UniFi Protect Software Related entries in the VARIoT vulnerabilities database: VAR-202108-0413 Trust: 3.75 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Sept. 2, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

ubiquiti

model:

unifi

db:

NVD

ids:

CVE-2021-22944

Microsoft November 2021 Patch Tuesday Related entries in the VARIoT vulnerabilities database: VAR-202111-0697, VAR-202111-0473, VAR-202111-0789, VAR-202111-0660 Trust: 3.75 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 15, 2021, midnight	Vulnerabilities: feature bypass, denial of service, information disclosure...

Affected products

External IDs

db:

NVD

ids:

CVE-2021-41379, CVE-2021-42303, CVE-2021-42287, CVE-2021-41374, CVE-2021-26444, CVE-2021-41376, CVE-2021-38665, CVE-2021-42304, CVE-2021-42288, CVE-2021-42280, CVE-2021-42282, CVE-2021-36957, CVE-2021-42319, CVE-2021-40442, CVE-2021-42276, CVE-2021-42285, CVE-2021-41375, CVE-2021-42298, CVE-2021-42274, CVE-2021-41371, CVE-2021-41372, CVE-2021-41368, CVE-2021-41370, CVE-2021-43209, CVE-2021-41373, CVE-2021-42300, CVE-2021-42322, CVE-2021-41367, CVE-2021-42279, CVE-2021-42278, CVE-2021-42291, CVE-2021-42321, CVE-2021-26443, CVE-2021-42305, CVE-2021-42323, CVE-2021-42292, CVE-2021-42301, CVE-2021-41366, CVE-2021-41356, CVE-2021-43208, CVE-2021-42284, CVE-2021-38666, CVE-2021-41349, CVE-2021-42275, CVE-2021-42277, CVE-2021-42286, CVE-2021-41378, CVE-2021-41377, CVE-2021-42316, CVE-2021-3711, CVE-2021-42302, CVE-2021-42283, CVE-2021-38631, CVE-2021-41351, CVE-2021-42296

New Windows update patches 55 bugs and major vulnerabilities Trust: 3.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 11, 2021, 8 a.m.	Vulnerabilities: code execution

Affected products	External IDs

November Patch Tuesday drop fixes bugs in Excel, Exchange Server Trust: 5.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 10, 2021, midnight	Vulnerabilities: security feature bypass, buffer overflow, memory corruption...

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2021-42292, CVE-2021-42270, CVE-2021-26855, CVE-2021-38666, CVE-2021-27065, CVE-2021-3711, CVE-2021-42316, CVE-2021-42321, CVE-2021-42298, CVE-2021-26443

Microsoft Security Response Center Trust: 4.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Dec. 11, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-42306, CVE-2021-38645, CVE-2021-38647, CVE-2021-38649, CVE-2021-38648

Education, Research The Most Attacked Industries in The Cyberspace Trust: 4.5 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 12, 2021, 12:19 p.m.	Vulnerabilities: path traversal, code execution, directory traversal...

Affected products

External IDs

vendor:	check point	model:	check point
vendor:	google	model:	android

Samsung monthly updates: November 2021 security patch details released - SamMobile Trust: 3.75 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 2, 2021, 7:35 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	galaxy
vendor:	samsung	model:	samsung
vendor:	samsung	model:	galaxy s10

Apple rushes to block 'zero-click' iPhone spyware - BBC News Trust: 3.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Sept. 14, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

Device security \| Cloud IoT Core Documentation \| Google Cloud Trust: 3.0 Fetched: Nov. 22, 2021, 8:12 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

CVE - CVE-2021-40114 Related entries in the VARIoT vulnerabilities database: VAR-202110-1353 Trust: 5.75 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	cisco systems
vendor:	cisco	model:	series
vendor:	cisco	model:	cisco systems
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2021-40114

CVE-2021-40117 - CVE.report Related entries in the VARIoT vulnerabilities database: VAR-202110-1351 Trust: 6.0 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 7, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-40117

Patch Now: Cisco, CISA Sound The Alarm On Four Software Flaws - My TechDecisions Related entries in the VARIoT vulnerabilities database: VAR-202111-0664 Trust: 4.5 Fetched: Nov. 22, 2021, 8:12 a.m., Published: -	Vulnerabilities: command injection, denial of service

Affected products

External IDs

vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	series
vendor:	cisco	model:	series switches
vendor:	cisco	model:	email security appliance
vendor:	cisco	model:	300 series managed switches
vendor:	cisco	model:	asyncos software
vendor:	cisco	model:	200 series smart switches
vendor:	cisco	model:	policy suite
vendor:	cisco	model:	cisco email security appliance
vendor:	cisco	model:	small business switches
vendor:	cisco	model:	small business 500 series stackable managed switches
vendor:	cisco	model:	small business series switches
vendor:	cisco	model:	esw2 series advanced switches
vendor:	cisco	model:	series smart switches
vendor:	cisco	model:	series stackable managed switches
vendor:	cisco	model:	500 series stackable managed switches
vendor:	cisco	model:	asyncos
vendor:	cisco	model:	series managed switches
vendor:	cisco	model:	cisco policy suite
vendor:	cisco	model:	small business series
vendor:	cisco	model:	small business
vendor:	cisco	model:	small business 300 series managed switches
vendor:	cisco	model:	cisco asyncos
vendor:	cisco	model:	catalyst

db:

NVD

ids:

CVE-2021-40119, CVE-2021-34741, CVE-2021-40112, CVE-2021-34739, CVE-2021-34795, CVE-2021-40113

Metasploit \| Penetration Testing Software, Pen Testing Security \| Metasploit Trust: 3.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 14, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

sonicwall

model:

sma 100

WP Fastest Cache Plugin Vulnerability Discovered \| SiteLock Trust: 3.0 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 4, 2021, midnight	Vulnerabilities: sql injection

Affected products	External IDs

October Related entries in the VARIoT vulnerabilities database: VAR-202112-0336, VAR-202112-0353, VAR-202202-1526, VAR-202106-0594, VAR-202112-0134, VAR-202103-1442, VAR-202110-1481, VAR-202109-1959, VAR-202110-1848, VAR-202110-1490, VAR-202110-1849, VAR-202112-0285, VAR-202112-0352, VAR-202110-1482, VAR-202106-1796, VAR-202112-0238, VAR-202111-1763, VAR-202201-0227, VAR-202112-0349, VAR-202110-1479, VAR-202110-1477, VAR-202112-0258, VAR-202110-1496, VAR-202110-1489, VAR-202112-0343, VAR-202110-1500, VAR-202112-0350, VAR-202110-1491, VAR-202109-0297, VAR-202110-1431, VAR-202112-0342, VAR-202110-1447, VAR-202112-0136, VAR-202109-0386, VAR-202112-0327, VAR-202112-0137, VAR-202112-0335, VAR-202110-1847, VAR-202112-0348, VAR-202109-0289, VAR-202110-1485, VAR-202104-1670, VAR-202110-1486, VAR-202112-0346, VAR-202111-0848, VAR-202110-1493, VAR-202110-1854, VAR-202108-0284, VAR-202112-0351, VAR-202112-0138, VAR-202201-0226, VAR-202108-2288, VAR-202110-1435, VAR-202110-1499, VAR-202110-1450, VAR-202112-0334, VAR-202106-0598, VAR-202110-1856, VAR-202106-0608, VAR-202112-0347, VAR-202112-0259 Trust: 5.25 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Oct. 11, 2021, 10:59 a.m.	Vulnerabilities: code execution, integer overflow, information leakage...

Affected products

External IDs

vendor:	huawei	model:	emui
vendor:	huawei	model:	huawei

db:

NVD

ids:

CVE-2021-37056, CVE-2021-37044, CVE-2021-37103, CVE-2021-0695, CVE-2021-22370, CVE-2021-37047, CVE-2021-28375, CVE-2021-36995, CVE-2021-22319, CVE-2021-30294, CVE-2021-0644, CVE-2021-37117, CVE-2021-0639, CVE-2021-36985, CVE-2021-37114, CVE-2021-37040, CVE-2021-37045, CVE-2021-0690, CVE-2021-36994, CVE-2021-22326, CVE-2021-37097, CVE-2021-37118, CVE-2021-37120, CVE-2021-37051, CVE-2021-36997, CVE-2021-36999, CVE-2021-0693, CVE-2021-0515, CVE-2021-37014, CVE-2021-22485, CVE-2021-36986, CVE-2021-0574, CVE-2021-37092, CVE-2021-0514, CVE-2021-0680, CVE-2021-22475, CVE-2021-37050, CVE-2021-22491, CVE-2021-0573, CVE-2021-0689, CVE-2021-1961, CVE-2021-22460, CVE-2021-37093, CVE-2021-0685, CVE-2021-1957, CVE-2021-0688, CVE-2021-36989, CVE-2021-0519, CVE-2021-37042, CVE-2021-0577, CVE-2021-1941, CVE-2021-37075, CVE-2021-0576, CVE-2021-1958, CVE-2021-0683, CVE-2021-0686, CVE-2021-3347, CVE-2021-0595, CVE-2021-37041, CVE-2021-37020, CVE-2021-37113, CVE-2021-0571, CVE-2021-0681, CVE-2021-0682, CVE-2021-37052, CVE-2021-0684, CVE-2021-1948, CVE-2021-0592, CVE-2021-0513, CVE-2021-36991, CVE-2021-3506, CVE-2021-36990, CVE-2021-0598, CVE-2021-1974, CVE-2021-37054, CVE-2021-37013, CVE-2021-22488, CVE-2021-30290, CVE-2021-37119, CVE-2021-22420, CVE-2021-37049, CVE-2021-37038, CVE-2021-37121, CVE-2021-0687, CVE-2021-22489, CVE-2021-22455, CVE-2021-22481, CVE-2021-22469, CVE-2021-0585, CVE-2021-37021, CVE-2021-22374, CVE-2020-14381, CVE-2021-37111, CVE-2021-22345, CVE-2021-37053, CVE-2021-37011

Philips IntelliBridge EC 40 and EC 80 Hub \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202111-1713 Trust: 6.75 Fetched: Nov. 22, 2021, 8:12 a.m., Published: -	Vulnerabilities: authentication bypass

Affected products

External IDs

vendor:

philips

model:

intellibridge ec40

db:	NVD	ids:	CVE-2021-32993, CVE-2021-33017
db:	ICS CERT	ids:	ICSMA-21-322-01
db:	ICS CERT ALERT	ids:	ICS-ALERT-10-301-01

Best Home Security Systems of 2021 - CNET Trust: 3.5 Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	abode	model:	keypad
vendor:	abode	model:	siren
vendor:	ring	model:	video doorbells
vendor:	ring	model:	ring
vendor:	comcast	model:	xfinity home security
vendor:	comcast	model:	xfinity
vendor:	comcast	model:	comcast xfinity
vendor:	google	model:	home

VARIoT news about IoT security