Sign-up

VARIoT news about IoT security

Rockwell Automation Stratix Devices Containing Cisco IOS | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202006-1085, VAR-202006-1151, VAR-202006-1078, VAR-202103-0768, VAR-202103-0545, VAR-202006-1096, VAR-202006-1076, VAR-202009-1147, VAR-202006-1086

Trust: 5.5

Fetched: Nov. 4, 2022, 2:03 p.m., Published: Nov. 1, 2022, midnight
 Vulnerabilities: command injection, improper validation, directory traversal...
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco iox
vendor: cisco model: ios software
vendor: cisco model: cisco iox application
vendor: cisco model: industrial ethernet
vendor: cisco model: iox application
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: rockwell automation model: automation stratix
vendor: rockwell model: automation stratix
db: NVD ids: CVE-2020-3218, CVE-2020-3200, CVE-2020-3211, CVE-2021-1446, CVE-2021-1385, CVE-2020-3229, CVE-2020-3209, CVE-2020-3516, CVE-2020-3219

Cybercriminals exploit critical vulnerabilities in Veeam Backup - Techzine Europe

Trust: 4.0

Fetched: Nov. 4, 2022, 2:03 p.m., Published: Oct. 25, 2022, 6:05 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-26501, CVE-2022-26504, CVE-2022-26500

Cisco Email Security Appliance Denial of Service Vulnerability - Cisco

Trust: 5.0

Fetched: Nov. 4, 2022, 2:02 p.m., Published: Nov. 2, 2022, 11:40 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cloud email security
vendor: cisco model: cisco cloud email security
vendor: cisco model: cisco email security appliance
vendor: cisco model: email security appliance

Siemens LOGO! 8 BM Devices | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202210-0504, VAR-202210-0503, VAR-202210-0505

Trust: 3.75

Fetched: Nov. 4, 2022, 1:59 p.m., Published: Nov. 8, 2022, midnight
 Vulnerabilities: improper validation
Affected productsExternal IDs
db: NVD ids: CVE-2022-36361, CVE-2022-36362, CVE-2022-36363

Bugs in Safari, iOS 16.1 could let hackers steal users’ sensitive data: Cert-In

Trust: 4.75

Fetched: Nov. 4, 2022, 1:58 p.m., Published: Oct. 25, 2022, 8:07 p.m.
 Vulnerabilities: improper memory handling, use after free, memory corruption...
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: webkit

Vulnerabilities In Airline WiFi Devices Expose Passenger Data

Trust: 3.75

Fetched: Nov. 4, 2022, 1:58 p.m., Published: Oct. 11, 2022, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
db: NVD ids: CVE-2022-36158

Apple fixes latest zero-day vulnerability to hit iOS devices | SC Media

Related entries in the VARIoT vulnerabilities database: VAR-202210-1624

Trust: 4.75

Fetched: Nov. 4, 2022, 1:58 p.m., Published: Oct. 26, 2022, 3:29 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: watchos
vendor: apple model: tvos
vendor: apple model: safari
db: NVD ids: CVE-2022-42827

Fortinet Admits Many Devices Still Unprotected Against Exploited Vulnerability | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198

Trust: 4.0

Fetched: Nov. 4, 2022, 1:57 p.m., Published: Nov. 4, 2022, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2022-40684

Export software vulnerabilities assessment per device | Microsoft Learn

Trust: 3.5

Fetched: Nov. 4, 2022, 1:56 p.m., Published: Oct. 19, 2022, 9:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2020-16011, CVE-2020-15992, CVE-2020-26971

Threat and vulnerability management - Microsoft Service Assurance | Microsoft Learn

Trust: 3.0

Fetched: Nov. 4, 2022, 1:50 p.m., Published: Oct. 17, 2022, 9:44 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

BlackBerry Blog

Trust: 3.0

Fetched: Nov. 4, 2022, 1:49 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: blackberry model: blackberry

Oracle Security Alert - CVE-2020-14750

Trust: 3.0

Fetched: Nov. 4, 2022, 1:41 p.m., Published: Oct. 30, 2020, 7:46 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2020-14750, CVE-2020-14882

Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability

Trust: 3.75

Fetched: Nov. 4, 2022, 1:30 p.m., Published: Aug. 17, 2022, 12:48 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: asa software
vendor: cisco model: security device manager
vendor: cisco model: firepower
vendor: cisco model: asdm
vendor: cisco model: intrusion prevention system
vendor: cisco model: adaptive security appliance
vendor: cisco model: adaptive security device manager
vendor: cisco model: adaptive security appliance software
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower management center
vendor: cisco model: device manager

Government Warns Google Chrome Users of 'Highly Severe' Vulnerabilities, Urges to Install Latest Update | Technology News

Trust: 4.75

Fetched: June 9, 2022, 1:20 p.m., Published: May 3, 2022, 8:07 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

SonicWall urges customers to fix SMA 1000 vulnerabilitiesSecurity Affairs

Trust: 5.75

Fetched: June 9, 2022, 1:20 p.m., Published: May 13, 2022, 9:30 p.m.
 Vulnerabilities: access control vulnerability, open redirect issue, improper access control...
Affected productsExternal IDs
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: sma1000
db: NVD ids: CVE-2022-22282

What Is a Computer Worm & How Do You Prevent Them?

Trust: 4.25

Fetched: June 9, 2022, 1:13 p.m., Published: May 13, 2022, 8:21 p.m.
 Vulnerabilities: default credentials, denial of service
Affected productsExternal IDs
vendor: avast model: antivirus
vendor: trend micro model: security
vendor: trend micro model: antivirus
vendor: trend model: security
vendor: trend model: antivirus

Critical vulnerabilities in VMWare products | Kaspersky official blog

Trust: 4.0

Fetched: June 9, 2022, 1:12 p.m., Published: Jan. 9, 2050, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-22972, CVE-2022-22973

F5 BIG-IP Critical Remote Code Execution Vulnerability Getting Exploited. Patch Now! - SecPod Blog

Related entries in the VARIoT vulnerabilities database: VAR-202205-0394

Trust: 5.0

Fetched: June 9, 2022, 1:11 p.m., Published: May 10, 2022, 8:18 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-1388

Android Devices Are at Risk After Microsoft Detects Serious Security Bugs | Tech Times

Trust: 3.75

Fetched: June 9, 2022, 1:08 p.m., Published: May 31, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, CVE-2021-42601

Actively exploited vulnerability in Windows | Kaspersky official blog

Related entries in the VARIoT vulnerabilities database: VAR-202205-0799

Trust: 3.25

Fetched: June 9, 2022, 1:08 p.m., Published: Jan. 9, 2050, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-29130, CVE-2022-26925, CVE-2022-22012, CVE-2022-22713, CVE-2022-29972, CVE-2022-26937