Sign-up

VARIoT news about IoT security

If you like the data on your WD My Cloud OS 3 device, patch it now | Ars Technica

Related entries in the VARIoT vulnerabilities database: VAR-202109-1804, VAR-202109-1805, VAR-202109-1802, VAR-202109-1803

Trust: 3.25

Fetched: May 13, 2022, 7:58 a.m., Published: May 3, 2022, midnight
 Vulnerabilities: request forgery
Affected productsExternal IDs
db: NVD ids: CVE-2021-36160, CVE-2021-34798, CVE-2021-40438, CVE-2021-39275

GE puts default password in radiology devices, leaving healthcare networks exposed | Ars Technica

Trust: 5.0

Fetched: May 13, 2022, 7:58 a.m., Published: Dec. 8, 2020, 5 p.m.
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: ge healthcare model: xeleris

Vulnerabilities Found in LG Mobile Devices - Security News

Trust: 4.5

Fetched: May 13, 2022, 7:58 a.m., Published: Aug. 5, 2022, midnight
 Vulnerabilities: privilege escalation, sql injection
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: samsung model: knox
vendor: check point model: check point
vendor: trend model: security
db: NVD ids: CVE-2016-3996, CVE-2016-1920, CVE-2016-2035, CVE-2016-1919, CVE-2016-3117

Device Vulnerability Management Market Size, Share, Industry Forecast 2029

Trust: 3.75

Fetched: May 13, 2022, 7:58 a.m., Published: May 13, 2029, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: trend model: security
db: NVD ids: CVE-2020-0601

Sinapsi Devices Vulnerabilities | CISA

Related entries in the VARIoT vulnerabilities database: VAR-201211-0090, VAR-201211-0091, VAR-201211-0088, VAR-201211-0089

Trust: 4.25

Fetched: May 13, 2022, 7:57 a.m., Published: Jan. 10, 2020, midnight
 Vulnerabilities: command injection, sql injection
Affected productsExternal IDs
vendor: sinapsi model: esolar
vendor: sinapsi model: esolar duo
vendor: sinapsi model: sinapsi
vendor: sinapsi model: esolar light
vendor: sinapsi model: esolar light photovoltaic system monitor
db: NVD ids: CVE-2012-5863, CVE-2012-5864, CVE-2012-5861, CVE-2012-5862

Cisco IOS : List of security vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202006-1084, VAR-202103-0545, VAR-202006-1150, VAR-201810-0565, VAR-201909-0160, VAR-201903-0571, VAR-201901-0473, VAR-201903-0567, VAR-201903-0558, VAR-201903-0597, VAR-201810-0567, VAR-202006-1093, VAR-202006-1151, VAR-201903-0600, VAR-202009-1160, VAR-202009-0479, VAR-201810-0345, VAR-201903-0559, VAR-201909-0165, VAR-201810-0339, VAR-201903-0569, VAR-201810-0351, VAR-202103-0540, VAR-202006-1095, VAR-201903-0563, VAR-202006-1097, VAR-201909-0184, VAR-201909-0158, VAR-201903-0596, VAR-201810-0569, VAR-201903-0592, VAR-202006-1092, VAR-201903-0574, VAR-201810-0561, VAR-201810-0568, VAR-202109-0601, VAR-202103-0550, VAR-202109-0747, VAR-201903-0599, VAR-201909-0181, VAR-201909-1523, VAR-201903-0565, VAR-201810-0346, VAR-201909-0186, VAR-202103-0537, VAR-202006-1098, VAR-201909-0166, VAR-201909-0161, VAR-201903-0595, VAR-202006-1148

Trust: 5.25

Fetched: May 13, 2022, 7:57 a.m., Published: May 13, 2050, midnight
 Vulnerabilities: denial of service, buffer overflow, cross-site scripting...
Affected productsExternal IDs
vendor: cisco model: integrated services router
vendor: cisco model: series
vendor: cisco model: catalyst 6500 series
vendor: cisco model: catalyst
vendor: cisco model: industrial integrated services routers
vendor: cisco model: router
vendor: cisco model: ios xe
vendor: cisco model: isr g2
vendor: cisco model: isr4451
vendor: cisco model: catalyst 6500
vendor: cisco model: cisco ios xr
vendor: cisco model: ios xe software
vendor: cisco model: 4451-x integrated services router
vendor: cisco model: ios software
vendor: cisco model: ios xr
vendor: cisco model: hsrp
vendor: cisco model: cisco iox
vendor: cisco model: 4451-x
vendor: cisco model: cisco ios xe
vendor: cisco model: catalyst 2960-l series switches
vendor: cisco model: isr4451-x
vendor: cisco model: ios xr software
vendor: cisco model: catalyst cdb-8p switches
vendor: cisco model: integrated services routers
vendor: cisco model: nx-os software
vendor: cisco model: series switches
vendor: cisco model: cisco iox application
db: NVD ids: CVE-2020-3217, CVE-2021-1385, CVE-2020-3204, CVE-2018-15373, CVE-2019-12650, CVE-2019-1756, CVE-2018-0484, CVE-2019-1751, CVE-2019-1761, CVE-2019-1740, CVE-2018-15375, CVE-2020-3226, CVE-2020-3200, CVE-2019-1738, CVE-2020-3476, CVE-2019-16009, CVE-2018-0473, CVE-2019-1748, CVE-2019-12655, CVE-2018-0466, CVE-2019-1758, CVE-2018-0485, CVE-2021-1377, CVE-2020-3228, CVE-2019-1752, CVE-2020-3230, CVE-2019-12670, CVE-2019-12649, CVE-2019-1747, CVE-2018-15377, CVE-2019-1737, CVE-2020-3225, CVE-2019-1762, CVE-2018-15369, CVE-2018-15376, CVE-2021-34705, CVE-2021-1391, CVE-2021-34699, CVE-2019-1739, CVE-2019-12668, CVE-2019-12665, CVE-2019-1757, CVE-2018-0475, CVE-2019-12672, CVE-2021-1392, CVE-2020-3231, CVE-2019-12656, CVE-2019-12651, CVE-2019-1746, CVE-2020-3201

Vulnerability Categories

Trust: 3.0

Fetched: May 13, 2022, 7:57 a.m., Published: Jan. 6, 2000, midnight
 Vulnerabilities: brute force attack
Affected productsExternal IDs

Another Log4j Vulnerability Discovered

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.0

Fetched: May 13, 2022, 7:57 a.m., Published: May 10, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

VARIoT - Vulnerability and Attack Repository for IoT

Trust: 3.25

Fetched: May 13, 2022, 7:57 a.m., Published: Nov. 17, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Microsoft highlights macOS vulnerability, Apple issues fix | Windows Central

Trust: 3.0

Fetched: May 13, 2022, 7:57 a.m., Published: May 13, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos

Microsoft Issues January Security Patches Addressing 97 Vulnerabilities -- Redmondmag.com

Related entries in the VARIoT vulnerabilities database: VAR-202109-1789, VAR-202105-1269

Trust: 5.75

Fetched: May 13, 2022, 7:57 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend micro model: security
vendor: google model: chrome
vendor: trend model: security
vendor: cisco model: cisco routers
db: NVD ids: CVE-2022-21855, CVE-2022-21969, CVE-2022-21846, CVE-2022-21857, CVE-2022-21840, CVE-2021-22947, CVE-2021-31166, CVE-2022-21917, CVE-2022-21833, CVE-2022-21912, CVE-2021-21907, CVE-2022-21907, CVE-2022-21898

Over 50% Internet-connected Devices In Hospitals Vulnerable To Cybercrime: Report #hospitals #vulnerable - Cybercrime Cybersecurity Ransomware Washington Windows-TeluguStop

Trust: 3.0

Fetched: May 13, 2022, 7:57 a.m., Published: Jan. 20, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

53% of Connected Medical Devices Have Serious Vulnerabilities | The CISO Times

Trust: 3.75

Fetched: May 13, 2022, 7:57 a.m., Published: May 19, 2022, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs

Cisco StarOS Flaw Let Attackers Gain RCE on Vulnerable Device

Trust: 5.75

Fetched: May 13, 2022, 7:57 a.m., Published: May 10, 2022, midnight
 Vulnerabilities: information disclosure, code execution
Affected productsExternal IDs
vendor: cisco model: cisco staros
vendor: cisco model: staros
db: NVD ids: CVE-2022-20648, CVE-2022-20649

Around 300K MikroTik devices are vulnerable to remote botnet attacks

Related entries in the VARIoT vulnerabilities database: VAR-201910-0546, VAR-201803-2171, VAR-201910-0547

Trust: 4.75

Fetched: May 13, 2022, 7:57 a.m., Published: Dec. 9, 2021, midnight
 Vulnerabilities: directory traversal, code injection, code execution...
Affected productsExternal IDs
vendor: mikrotik model: router
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: winbox
vendor: mikrotik model: routers
db: NVD ids: CVE-2019-3977, CVE-2018-7445, CVE-2019-3978, CVE-2018-74847

Full Disclosure: [RT-SA-2021-009] Credential Disclosure in Web Interface of Crestron Device

Trust: 4.75

Fetched: May 13, 2022, 7:57 a.m., Published: Feb. 4, 2022, midnight
 Vulnerabilities: information disclosure, credential disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2022-23178

Over 50% internet-connected devices in hospitals vulnerable to cybercrime: Report

Trust: 3.0

Fetched: May 13, 2022, 7:57 a.m., Published: May 13, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Is Your Hospital Safe From A Cyber Attack? Probably Not, Report Warns

Trust: 3.75

Fetched: May 13, 2022, 7:57 a.m., Published: May 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: trend model: security

Remotely Exploitable NetUSB Flaw Puts Millions of Devices at Risk

Trust: 5.5

Fetched: May 13, 2022, 7:56 a.m., Published: June 23, 2022, midnight
 Vulnerabilities: denial of service, code execution, buffer overflow...
Affected productsExternal IDs
vendor: netgear model: r6700
vendor: netgear model: r6400
vendor: netgear model: d7800
vendor: d-link model: router
vendor: kcodes model: netusb
db: NVD ids: CVE-2021-45388

Fortinet : Security vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202111-0284, VAR-202110-0150, VAR-202112-0729, VAR-202111-0313, VAR-202112-0524, VAR-202112-0401, VAR-202111-0330, VAR-202112-0420, VAR-202112-0400, VAR-202112-0330, VAR-202110-0151, VAR-202112-0328, VAR-202112-0523, VAR-202112-0406, VAR-202112-0331, VAR-202112-0525, VAR-202112-0405, VAR-202112-0287, VAR-202112-0288, VAR-202111-0305, VAR-202109-0501, VAR-202112-0383, VAR-202112-0384, VAR-202112-1045, VAR-202110-0149, VAR-202112-0339, VAR-202112-0421, VAR-202111-0343, VAR-202111-0307, VAR-202112-0367, VAR-202112-0286, VAR-202111-0314, VAR-202111-0322, VAR-202109-0502, VAR-202111-0317, VAR-202112-1044, VAR-202112-0379, VAR-202112-0399, VAR-202111-0241, VAR-202112-0356, VAR-202112-0332, VAR-202112-0378, VAR-202112-0670, VAR-202108-0712, VAR-202112-0526, VAR-202112-0380, VAR-202112-0329, VAR-202112-0338, VAR-202111-0306, VAR-202111-0302

Trust: 5.75

Fetched: May 13, 2022, 7:56 a.m., Published: May 13, 2050, midnight
 Vulnerabilities: os command injection, information disclosure, denial of service...
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2021-36192, CVE-2021-36175, CVE-2021-42758, CVE-2021-36185, CVE-2021-43071, CVE-2021-36189, CVE-2021-36176, CVE-2021-41030, CVE-2021-36194, CVE-2021-41024, CVE-2021-36178, CVE-2021-43063, CVE-2021-36188, CVE-2021-36195, CVE-2021-41015, CVE-2021-43065, CVE-2021-41017, CVE-2021-42752, CVE-2021-41029, CVE-2021-36187, CVE-2021-36179, CVE-2021-41025, CVE-2021-41021, CVE-2021-41028, CVE-2021-36170, CVE-2021-36180, CVE-2021-41013, CVE-2021-36183, CVE-2021-36184, CVE-2021-43068, CVE-2021-43067, CVE-2021-36174, CVE-2021-41019, CVE-2021-36182, CVE-2021-36181, CVE-2021-44168, CVE-2021-41027, CVE-2021-43204, CVE-2021-36172, CVE-2021-42760, CVE-2021-41014, CVE-2021-36190, CVE-2021-36169, CVE-2021-36168, CVE-2021-36167, CVE-2021-36191, CVE-2021-43064, CVE-2021-42757, CVE-2021-36186, CVE-2021-42754