Sign-up

VARIoT news about IoT security

Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps | CSO Online

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 10, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Fortinet : Security vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202112-0525, VAR-202112-0401, VAR-202112-0338, VAR-202109-0501, VAR-202112-0367, VAR-202112-0524, VAR-202112-0399, VAR-202112-0328, VAR-202108-0658, VAR-202112-0331, VAR-202112-0329, VAR-202111-0343, VAR-202112-0523, VAR-202111-0284, VAR-202111-0314, VAR-202112-0288, VAR-202112-0384, VAR-202112-0420, VAR-202112-0332, VAR-202112-0287, VAR-202112-0405, VAR-202112-1045, VAR-202111-0307, VAR-202112-0339, VAR-202112-0670, VAR-202112-0356, VAR-202112-0330, VAR-202111-0317, VAR-202112-0406, VAR-202112-0379, VAR-202112-0729, VAR-202111-0306, VAR-202112-0378, VAR-202111-0241, VAR-202111-0305, VAR-202108-0712, VAR-202112-0383, VAR-202112-0400, VAR-202111-0313, VAR-202112-0526, VAR-202111-0322, VAR-202110-0151, VAR-202110-0149, VAR-202109-0502, VAR-202112-0286, VAR-202111-0330, VAR-202112-0421, VAR-202112-0380, VAR-202110-0150, VAR-202111-0302

Trust: 5.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: code execution, privilege escalation, authorization vulnerability...
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2021-43065, CVE-2021-36189, CVE-2021-42757, CVE-2021-36179, CVE-2021-43068, CVE-2021-43071, CVE-2021-43204, CVE-2021-43063, CVE-2021-32603, CVE-2021-41015, CVE-2021-43064, CVE-2021-36183, CVE-2021-36188, CVE-2021-36192, CVE-2021-36174, CVE-2021-41029, CVE-2021-41021, CVE-2021-41030, CVE-2021-41014, CVE-2021-42752, CVE-2021-41017, CVE-2021-41028, CVE-2021-36184, CVE-2021-36180, CVE-2021-36169, CVE-2021-42760, CVE-2021-41024, CVE-2021-36181, CVE-2021-36195, CVE-2021-41027, CVE-2021-42758, CVE-2021-36186, CVE-2021-36190, CVE-2021-36172, CVE-2021-36187, CVE-2021-36168, CVE-2021-41025, CVE-2021-36194, CVE-2021-36185, CVE-2021-36167, CVE-2021-41019, CVE-2021-36178, CVE-2021-36170, CVE-2021-36182, CVE-2021-43067, CVE-2021-36176, CVE-2021-41013, CVE-2021-36191, CVE-2021-36175, CVE-2021-42754

Java Log4JShell Vulnerability - What I Learned About it This Week

Trust: 4.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 23, 2021, 9:01 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: essential model: phone

MediaTek chipset-based Android phones vulnerable to hackers: Check Point Research | Deccan Herald

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 25, 2021, 6:24 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
vendor: google model: android
vendor: vivo model: vivo
db: NVD ids: CVE-2021-0663, CVE-2021-0661, CVE-2021-0662

Security vulnerabilities on the Data Distribution Service (DDS) | Ubuntu

Trust: 4.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 15, 2021, midnight
 Vulnerabilities: information exposure, buffer overflow, system crash
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2021-38429, CVE-2021-38487, CVE-2021-38441, CVE-2021-38425, CVE-2021-38443, CVE-2021-43547

HP fixes high-risk printer vulnerabilities affecting more than 150 HP printers

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 1, 2021, 4:50 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-39238, CVE-2021-39237

Home routers riddled with vulnerabilities - IT Security Guru

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 3, 2021, 2:42 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tp-link model: routers

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 9, 2021, 10:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 9, 2021, 11:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research, News, and Perspectives

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-44228

Research, News, and Perspectives

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-44228

News :: Articles :: Kryptowire Collaborates with Orange and Uncovers Major Vulnerabilities in Mobile Devices at Scale

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: command execution
Affected productsExternal IDs

The US reveals new software vulnerability, warns hundreds of millions of devices at risk - Jobaaj Stories

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 29, 2021, 6:10 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Netgear fixes code execution flaw in many SOHO devicesSecurity Affairs

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 17, 2021, 9:35 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw - Microsoft Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-201906-0350, VAR-201906-0349

Trust: 5.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: privilege escalation, code injection
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: ring model: ring
db: NVD ids: CVE-2019-5242, CVE-2019-5241

Cisco Industrial Ethernet Switches Device Manager Cross-Site Request Forgery Vulnerability

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: request forgery, cross-site request forgery
Affected productsExternal IDs
vendor: cisco model: industrial ethernet
vendor: cisco model: device manager

Solved: Cisco devices and log4j2 vulnerability - Cisco Community

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 23, 2021, 3:34 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series switches
vendor: cisco model: catalyst
vendor: cisco model: catalyst 2900 series
vendor: cisco model: series
vendor: cisco model: catalyst 2900

Apache Log4j 2 Vulnerability Security Advisory | Google Cloud

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh
vendor: google model: android
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Log4j Zero-Day Vulnerability Response

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011, VAR-202112-0562

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 10, 2022, 3:07 p.m.
 Vulnerabilities: information leak, code execution
Affected productsExternal IDs
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-4104, CVE-2021-45056, CVE-2021-44832, CVE-2021-45046, CVE-2021-4428

Addressing Apache Log4j Vulnerability with NGFW and Cloud-Delivered Security Services - Palo Alto Networks Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 5.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 17, 2021, 2:40 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: palo alto networks
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: palo alto networks
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046