VARIoT news about IoT security

Trust: 4.25

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Oct. 5, 2021, 4:26 p.m.
Vulnerabilities: directory traversal, code execution, path traversal...
Affected productsExternal IDs
vendor: siemens model: simatic
vendor: honeywell model: experion process knowledge system
vendor: honeywell model: experion
vendor: honeywell model: honeywell experion process knowledge system
db: NVD ids: CVE-2021-38397, CVE-2021-38395, CVE-2021-38399
Related entries in the VARIoT vulnerabilities database: VAR-202109-0245

Trust: 5.5

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Sept. 28, 2021, 3:30 p.m.
Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: cisco model: ios xe
vendor: cisco model: catalyst
vendor: cisco model: access points
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: sd-wan
vendor: cisco model: catos
db: NVD ids: CVE-2021-1619, CVE-2021-34727, CVE-2021-34770

Trust: 5.0

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Oct. 22, 2021, midnight
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: rarlab model: winrar
db: NVD ids: CVE-2021-35052

Trust: 4.0

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Nov. 12, 2021, 11:58 a.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: serve model: serve

Trust: 3.5

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Jan. 17, 2021, midnight
Vulnerabilities: weak password, default credentials
Affected productsExternal IDs

Trust: 4.25

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Nov. 3, 2021, 10:57 p.m.
Vulnerabilities: default password, default credentials, sql injection
Affected productsExternal IDs
vendor: cisco model: routers
vendor: cisco model: router
db: NVD ids: CVE-2013-0232

Trust: 3.5

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Jan. 3, 2022, midnight
Vulnerabilities: privilege elevation
Affected productsExternal IDs
vendor: zoho corporation model: manageengine patch manager plus
vendor: zoho model: manageengine patch manager plus

Trust: 4.75

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Aug. 18, 2021, 4:33 p.m.
Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-28372

Trust: 4.5

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Nov. 11, 2021, 8:13 p.m.
Vulnerabilities: denial of service, information leak, code execution
Affected productsExternal IDs
vendor: siemens model: nucleus
vendor: trend model: security

Trust: 3.5

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Nov. 11, 2021, midnight
Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: siemens model: nucleus
Related entries in the VARIoT vulnerabilities database: VAR-202109-0245

Trust: 4.5

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Sept. 24, 2021, 7:26 a.m.
Vulnerabilities: buffer overflow, code execution, authentication bypass
Affected productsExternal IDs
vendor: cisco systems model: ios xe
vendor: cisco systems model: cisco sd-wan
vendor: cisco systems model: catalyst
vendor: cisco systems model: access points
vendor: cisco systems model: cisco ios xe
vendor: cisco systems model: asr 1000
vendor: cisco systems model: asr 1000 series
vendor: cisco systems model: sd-wan vmanage software
vendor: cisco systems model: cisco ios
vendor: cisco systems model: routers
vendor: cisco systems model: series integrated services routers
vendor: cisco systems model: cisco systems
vendor: cisco systems model: wireless controller
vendor: cisco systems model: sd-wan
vendor: cisco systems model: cloud services router 1000v
vendor: cisco systems model: cloud services router
vendor: cisco systems model: router
vendor: cisco systems model: ios xe software
vendor: cisco systems model: sd-wan vmanage
vendor: cisco systems model: series
vendor: cisco systems model: integrated services routers
vendor: cisco systems model: 1000v
vendor: cisco systems model: ios xe sd-wan software
vendor: cisco model: ios xe
vendor: cisco model: cisco sd-wan
vendor: cisco model: catalyst
vendor: cisco model: access points
vendor: cisco model: cisco ios xe
vendor: cisco model: asr 1000
vendor: cisco model: asr 1000 series
vendor: cisco model: sd-wan vmanage software
vendor: cisco model: cisco ios
vendor: cisco model: routers
vendor: cisco model: series integrated services routers
vendor: cisco model: cisco systems
vendor: cisco model: wireless controller
vendor: cisco model: sd-wan
vendor: cisco model: cloud services router 1000v
vendor: cisco model: cloud services router
vendor: cisco model: router
vendor: cisco model: ios xe software
vendor: cisco model: sd-wan vmanage
vendor: cisco model: series
vendor: cisco model: integrated services routers
vendor: cisco model: 1000v
vendor: cisco model: ios xe sd-wan software
db: NVD ids: CVE-2021-1619, CVE-2021-34727, CVE-2021-34770

Trust: 5.75

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Jan. 3, 2022, midnight
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco systems model: anyconnect secure mobility client
vendor: cisco systems model: cisco systems
vendor: cisco systems model: cisco anyconnect secure mobility client
vendor: cisco model: anyconnect secure mobility client
vendor: cisco model: cisco systems
vendor: cisco model: cisco anyconnect secure mobility client
db: NVD ids: CVE-2021-1450

Trust: 4.75

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Oct. 5, 2021, midnight
Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-38645, CVE-2021-38648, CVE-2021-38647, CVE-2021-38649

Trust: 4.25

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Jan. 15, 2021, 1:46 p.m.
Vulnerabilities: improper access control, cross-site scripting, information leakage...
Affected productsExternal IDs
vendor: check point model: check point
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
db: NVD ids: CVE-1999-0517, CVE-2017-0144

Trust: 3.0

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Sept. 14, 2021, midnight
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: cve-2021-30858

Trust: 3.75

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Nov. 13, 2021, 8:59 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

Trust: 4.5

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Nov. 9, 2021, 6:02 p.m.
Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2020-1374, CVE-2021-38666, CVE-2021-34535, CVE-2019-0708

Trust: 3.5

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Sept. 15, 2021, 5 a.m.
Vulnerabilities: brute force attack
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: ipad
Related entries in the VARIoT vulnerabilities database: VAR-202109-1066

Trust: 5.25

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Jan. 17, 2021, midnight
Vulnerabilities: buffer overflow, authentication bypass
Affected productsExternal IDs
vendor: canary model: canary
vendor: netgear model: gs750e
vendor: netgear model: gs752tpv2
vendor: netgear model: gs108e
vendor: netgear model: gs724tpv2
vendor: netgear model: gs728tppv2
vendor: netgear model: gs105e
vendor: netgear model: gs752tpp
vendor: netgear model: gs728tpv2
db: NVD ids: CVE-2021-40866
Related entries in the VARIoT vulnerabilities database: VAR-202108-2057

Trust: 4.75

Fetched: Nov. 16, 2021, 1:27 p.m., Published: Oct. 12, 2021, 2:13 a.m.
Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipod touch
vendor: apple model: ipad
db: NVD ids: CVE-2021-30883