Sign-up

VARIoT news about IoT security

Microsoft Issues Serious Windows 10, Windows 11 Upgrade Warning

Related entries in the VARIoT vulnerabilities database: VAR-202107-1503, VAR-202109-1789, VAR-202201-0640

Trust: 3.75

Fetched: May 13, 2022, 7:59 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-21874, CVE-2021-36976, CVE-2022-21839, CVE-2022-21836, CVE-2021-22947, CVE-2022-21919

Attackers Are Targeting Unknown SolarwWnds Vulnerability, Microsoft Warns - KoDDoS Blog

Trust: 4.5

Fetched: May 13, 2022, 7:59 a.m., Published: Jan. 23, 2022, 7:27 a.m.
 Vulnerabilities: input validation bug, code execution
Affected productsExternal IDs
vendor: solarwinds model: serv-u
db: NVD ids: CVE-2021-35247, CVE-2021-35211

CentOS have Vulnerabilities

Trust: 4.75

Fetched: May 13, 2022, 7:59 a.m., Published: Jan. 25, 2022, midnight
 Vulnerabilities: code execution, command execution, file inclusion
Affected productsExternal IDs
db: NVD ids: CVE-2021-45466, CVE-2021-45467

Investigation of Log4j Vulnerability with Illumina instruments

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-2011, VAR-202112-0566

Trust: 3.0

Fetched: May 13, 2022, 7:59 a.m., Published: May 13, 2000, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44832, CVE-2021-44228

iOS Devices Can Freeze, Crash Due to a HomeKit Vulnerability | Dagold News

Trust: 3.5

Fetched: May 13, 2022, 7:59 a.m., Published: May 13, 2012, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: icloud
vendor: apple model: macos
vendor: apple model: iphone

Log4j vulnerability targeted

Trust: 5.0

Fetched: May 13, 2022, 7:59 a.m., Published: May 18, 2022, midnight
 Vulnerabilities: input validation problem
Affected productsExternal IDs
vendor: solarwinds model: serv-u
db: NVD ids: CVE-2021-35247

MSP facing vulnerabilities| WatchGuard Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: May 13, 2022, 7:59 a.m., Published: May 19, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Microsoft January 2022 Security Updates address 10 Critical vulnerabilities - Securezoo

Related entries in the VARIoT vulnerabilities database: VAR-202109-1789, VAR-202112-0566

Trust: 4.25

Fetched: May 13, 2022, 7:59 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-21846, CVE-2022-21840, CVE-2022-21857, CVE-2021-22947, CVE-2021-44228, CVE-2022-21917, CVE-2022-21833, CVE-2022-21912, CVE-2022-21907, CVE-2022-21898

QNAP Product Information Disclosure Vulnerability

Trust: 3.5

Fetched: May 13, 2022, 7:59 a.m., Published: Sept. 10, 2021, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs

CISA Listed Multiple Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202103-0965

Trust: 5.5

Fetched: May 13, 2022, 7:58 a.m., Published: Jan. 24, 2022, midnight
 Vulnerabilities: os command injection, information disclosure, denial of service...
Affected productsExternal IDs
vendor: nagios model: nagios xi
vendor: solarwinds model: serv-u
vendor: aviatrix model: controller
vendor: node.js model: node.js
db: NVD ids: CVE-2006-1547, CVE-2021-40870, CVE-2021-32648, CVE-2020-11978, CVE-2021-33766, CVE-2021-21315, CVE-2021-22991, CVE-2021-25298, CVE-2018-8453, CVE-2012-0391, CVE-2021-25296, CVE-2021-35247, CVE-2020-13671, CVE-2020-14864, CVE-2021-21975, CVE-2021-25297, CVE-2020-13927

Cybercriminals Are Weaponizing MikroTik Devices: Here’s How

Related entries in the VARIoT vulnerabilities database: VAR-201910-0546, VAR-201803-2171, VAR-201910-0547, VAR-201808-0384

Trust: 5.5

Fetched: May 13, 2022, 7:58 a.m., Published: May 13, 2021, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: mikrotik model: router
vendor: mikrotik model: routeros
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: routers
db: NVD ids: CVE-2019-3977, CVE-2018-7445, CVE-2019-3978, CVE-2018-14847

UPDATE January 13, 2022 - Log4j Vulnerability Response | WaterISAC

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: 3.75

Fetched: May 13, 2022, 7:58 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44228

First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability

Trust: 3.75

Fetched: May 13, 2022, 7:58 a.m., Published: May 17, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security

Remote Desktop Protocol Remote Code Execution Vulnerability - CVE-2022-21893 - Security Investigation

Trust: 4.75

Fetched: May 13, 2022, 7:58 a.m., Published: May 13, 2022, 3:58 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2019-0708, CVE-2022-21893, CVE-2019-0887

53% of medical devices have a known critical vulnerability | Vumetric Cyber Portal

Trust: 3.0

Fetched: May 13, 2022, 7:58 a.m., Published: May 13, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Is Your Hospital Safe From A Cyber Attack? Probably Not, Report Warns

Trust: 3.75

Fetched: May 13, 2022, 7:58 a.m., Published: May 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: trend model: security

Always On VPN IKEv2 Security Vulnerabilities - January 2022 | Richard M. Hicks Consulting, Inc.

Trust: 4.0

Fetched: May 13, 2022, 7:58 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: denial of service, code execution, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-21849

Microsoft warns EVERY Windows 10 user over nine 'critical' dangers you need to fix now

Trust: 5.0

Fetched: May 13, 2022, 7:58 a.m., Published: May 10, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-21840

Vulnerability Summary for the Week of January 3, 2022 | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202111-1774, VAR-202112-0896, VAR-202111-1766, VAR-202011-1493, VAR-202111-1771, VAR-202110-1869, VAR-202112-0908, VAR-202110-1858, VAR-202111-1782, VAR-202110-1866, VAR-202110-1856, VAR-202110-1854, VAR-202201-0227, VAR-202201-0077, VAR-202201-0203, VAR-202201-0174, VAR-202112-1035, VAR-202201-0085, VAR-202201-0226, VAR-202110-1864, VAR-202110-1848, VAR-202111-1769, VAR-202112-0911, VAR-202111-1770, VAR-202201-0205, VAR-202111-1767, VAR-202201-0206, VAR-202110-1855, VAR-202111-1768, VAR-202110-1852, VAR-202201-0221, VAR-202110-1859, VAR-202110-1863, VAR-202110-1867, VAR-202111-1763, VAR-202112-0910, VAR-202112-0901, VAR-202112-1044, VAR-202111-1784, VAR-202110-1847, VAR-202110-1851, VAR-202201-0104, VAR-202111-1783, VAR-202110-1850, VAR-202111-1764, VAR-202110-1868, VAR-202201-0073, VAR-202111-1773, VAR-202110-1862, VAR-202110-1865, VAR-202110-1849, VAR-202112-0906, VAR-202112-0909, VAR-202110-1860, VAR-202111-1772, VAR-202201-0170, VAR-202111-1765, VAR-202112-0916, VAR-202110-1853, VAR-202201-0040, VAR-202110-1861, VAR-202201-0204, VAR-202112-0900, VAR-202112-1033, VAR-202201-0155, VAR-202111-1781, VAR-202110-1857

Trust: 5.25

Fetched: May 13, 2022, 7:58 a.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: information disclosure, command injection, open redirect vulnerability...
Affected productsExternal IDs
vendor: huawei model: hisuite
vendor: huawei model: huawei
vendor: lighttpd model: lighttpd
vendor: google model: wifi
vendor: google model: android
vendor: google model: wi-fi router
vendor: asus model: asus
vendor: asus model: router
vendor: asus model: rt-ax56u
vendor: kaios model: kaios
db: NVD ids: CVE-2021-39987, CVE-2021-43850, CVE-2021-46042, CVE-2021-44591, CVE-2021-24786, CVE-2021-46145, CVE-2021-46144, CVE-2021-30337, CVE-2021-39966, CVE-2022-21662, CVE-2020-15933, CVE-2022-20015, CVE-2021-45832, CVE-2021-25994, CVE-2021-39977, CVE-2021-39978, CVE-2022-20012, CVE-2021-45942, CVE-2021-30270, CVE-2022-20018, CVE-2022-21661, CVE-2021-38918, CVE-2020-5956, CVE-2021-37128, CVE-2021-39988, CVE-2021-39968, CVE-2021-28711, CVE-2021-37111, CVE-2021-37119, CVE-2021-37120, CVE-2021-45833, CVE-2021-46080, CVE-2021-25030, CVE-2021-20872, CVE-2022-20013, CVE-2021-40525, CVE-2022-21644, CVE-2021-44158, CVE-2021-30289, CVE-2022-20014, CVE-2021-46071, CVE-2021-37121, CVE-2021-38674, CVE-2021-37125, CVE-2021-37117, CVE-2021-45969, CVE-2021-39974, CVE-2021-30273, CVE-2021-20148, CVE-2021-1894, CVE-2022-21642, CVE-2021-46041, CVE-2021-24042, CVE-2021-39969, CVE-2021-43832, CVE-2021-40111, CVE-2021-31522, CVE-2021-30282, CVE-2021-46040, CVE-2021-37133, CVE-2021-39143, CVE-2021-42841, CVE-2021-46043, CVE-2021-40110, CVE-2021-43947, CVE-2021-46074, CVE-2022-21652, CVE-2021-46078, CVE-2021-43946, CVE-2022-22293, CVE-2021-39971, CVE-2021-46142, CVE-2021-44590, CVE-2021-39973, CVE-2021-37132, CVE-2021-45452, CVE-2022-20020, CVE-2021-20871, CVE-2021-38542, CVE-2022-20021, CVE-2021-39970, CVE-2021-37098, CVE-2021-31833, CVE-2021-39972, CVE-2022-20022, CVE-2021-46039, CVE-2021-30298, CVE-2021-25020, CVE-2021-45457, CVE-2021-46044, CVE-2021-24893, CVE-2021-24831, CVE-2021-37118, CVE-2021-1918, CVE-2021-30272, CVE-2021-30335, CVE-2021-30351, CVE-2021-45829, CVE-2021-44168, CVE-2021-45972, CVE-2022-21664, CVE-2021-46076, CVE-2022-0083, CVE-2021-41388, CVE-2021-39990, CVE-2021-36738, CVE-2021-45115, CVE-2021-46075, CVE-2021-45912, CVE-2022-20016, CVE-2021-37113, CVE-2021-30275, CVE-2021-30276, CVE-2021-3845, CVE-2021-45916, CVE-2021-37110, CVE-2021-43045, CVE-2021-45960, CVE-2021-20868, CVE-2021-43852, CVE-2020-27428, CVE-2021-30267, CVE-2021-39989, CVE-2021-20869, CVE-2021-39981, CVE-2021-39967, CVE-2021-39975, CVE-2021-36774, CVE-2022-0080, CVE-2021-46143, CVE-2021-44674, CVE-2021-39984, CVE-2021-41043, CVE-2022-20023, CVE-2021-45830, CVE-2021-37116, CVE-2021-45456, CVE-2021-20870, CVE-2021-35093, CVE-2021-37126, CVE-2021-45913, CVE-2021-46073, CVE-2021-43711, CVE-2021-25981, CVE-2021-46067, CVE-2021-45970, CVE-2022-0122, CVE-2021-25743, CVE-2021-30262, CVE-2021-36751, CVE-2021-37114, CVE-2021-45978, CVE-2021-30274, CVE-2022-21651, CVE-2021-45389, CVE-2021-30268, CVE-2022-21648, CVE-2021-45971, CVE-2021-41141, CVE-2021-46141, CVE-2021-41842, CVE-2021-4194, CVE-2021-34797, CVE-2022-21650, CVE-2021-28715, CVE-2021-38576, CVE-2022-0079, CVE-2021-30271, CVE-2022-21647, CVE-2021-45979, CVE-2021-46079, CVE-2021-39980, CVE-2021-28714, CVE-2021-39983, CVE-2021-22567, CVE-2021-44564, CVE-2021-37112, CVE-2021-43779, CVE-2021-36737, CVE-2021-27738, CVE-2021-30303, CVE-2021-30283, CVE-2021-39979, CVE-2021-43816, CVE-2021-20147, CVE-2022-20019, CVE-2021-44351, CVE-2021-30336, CVE-2021-25023, CVE-2021-28712, CVE-2022-0128, CVE-2021-39982, CVE-2021-30279, CVE-2021-40148, CVE-2021-28713, CVE-2022-21643, CVE-2021-30293, CVE-2022-22704, CVE-2021-3837, CVE-2021-30348, CVE-2021-25021, CVE-2021-36739, CVE-2021-44878, CVE-2021-44584, CVE-2021-30278, CVE-2021-45116, CVE-2022-0121, CVE-2021-45428, CVE-2022-21663, CVE-2021-45980, CVE-2021-30269, CVE-2021-45458, CVE-2021-41789, CVE-2022-22707, CVE-2021-39985, CVE-2022-21653, CVE-2021-3842, CVE-2021-37134, CVE-2020-11263

This security flaw could disable your iPhone or iPad, but Apple is on it | TechRadar

Trust: 5.0

Fetched: May 13, 2022, 7:58 a.m., Published: May 4, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: ipod touch
vendor: apple model: icloud
vendor: apple model: ipad air
vendor: apple model: iphone