Sign-up

VARIoT news about IoT security

Vulnerabilities in Medtronic Product Can Allow Hackers to Control Cardiac Devices | SecurityWeek.Com

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 16, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2020-27252, CVE-2020-25183, CVE-2020-25187

US warns Log4j flaw puts hundreds of millions of devices at risk | ZDNet

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 14, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Threat Intel: Log4j - Critical Zero Day Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, midnight
 Vulnerabilities: denial of service, service disruption, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-4104

Log4j under siege, millions of devices vulnerable | Cybersecurity Dive

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 14, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

Critical Vulnerability in Ubiquitous Apache Log4j Library Under Active Attack - Medigate Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011, VAR-202112-0562

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, 7:06 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-4104, CVE-2021-44832, CVE-2021-45046

NVD - CVE-2021-34758

Related entries in the VARIoT vulnerabilities database: VAR-202110-0211

Trust: 5.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco systems model: telepresence
vendor: cisco systems model: telepresence collaboration endpoint
vendor: cisco systems model: cisco systems
vendor: cisco systems model: roomos
vendor: cisco systems model: cisco telepresence
vendor: cisco systems model: cisco roomos
vendor: cisco model: telepresence
vendor: cisco model: telepresence collaboration endpoint
vendor: cisco model: cisco systems
vendor: cisco model: roomos
vendor: cisco model: cisco telepresence
vendor: cisco model: cisco roomos
db: NVD ids: CVE-2021-34758

[no-title]

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: cross-site request forgery, cross-site scripting, request forgery...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2014-4829, CVE-2021-44228, CVE-2021-20401, CVE-2020-4786, CVE-2021-45046, CVE-2015-1997, CVE-2021-20400, CVE-2017-1724

Enterprise Cybersecurity Roundup [September 2021]

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 4.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Sept. 16, 2021, midnight
 Vulnerabilities: command execution, privilege escalation, code execution
Affected productsExternal IDs
vendor: serve model: serve
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: apple model: macos
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
db: NVD ids: CVE-2021-38649, CVE-2021-40444, CVE-2021-38645, CVE-2021-38648, CVE-2021-38647

What is Log4Shell? The Log4j vulnerability explained | Dynatrace news

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011, VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 5.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 17, 2021, 7:15 a.m.
 Vulnerabilities: information leak, code execution
Affected productsExternal IDs
vendor: google model: home
db: NVD ids: CVE-2021-44832, CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 23, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

How serious is the Log4j vulnerability? | SecureTeam

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 10:50 a.m.
 Vulnerabilities: injection attack, sql injection
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone
db: NVD ids: CVE-2021-44228, CVE-2021-45046

NVD - CVE-2021-34362

Trust: 4.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Aug. 20, 2021, midnight
 Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2021-34362

Vulnerability management - Microsoft Service Assurance | Microsoft Docs

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Nov. 17, 2021, 10:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Huawei : Security vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202112-0231, VAR-202112-0344, VAR-202112-0226, VAR-202112-0252, VAR-202112-0342, VAR-202112-0227, VAR-202112-0232, VAR-202112-0246, VAR-202112-0263, VAR-202109-1644, VAR-202112-0242, VAR-202112-0243, VAR-202112-0253, VAR-202112-0256, VAR-202112-0336, VAR-202112-0222, VAR-202112-0244, VAR-202112-0248, VAR-202112-0327, VAR-202112-0230, VAR-202112-0262, VAR-202112-0235, VAR-202112-0251, VAR-202112-0238, VAR-202112-0245, VAR-202112-0133, VAR-202112-0239, VAR-202112-0391, VAR-202110-1355, VAR-202109-1645, VAR-202112-0223, VAR-202112-0343, VAR-202112-0229, VAR-202112-0249, VAR-202112-0254, VAR-202112-0237, VAR-202112-0240, VAR-202112-0224, VAR-202112-0345, VAR-202112-0241, VAR-202111-1276, VAR-202112-0234, VAR-202112-0236, VAR-202112-0247, VAR-202112-0233, VAR-202112-0228, VAR-202112-0250, VAR-202112-0255, VAR-202112-0225, VAR-202110-1301

Trust: 5.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: pointer dereference vulnerability, process crash, improper validation...
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: huawei model: fusioncompute
db: NVD ids: CVE-2021-37087, CVE-2021-37074, CVE-2021-37094, CVE-2021-37062, CVE-2021-37093, CVE-2021-37091, CVE-2021-37086, CVE-2021-37068, CVE-2021-37084, CVE-2021-37105, CVE-2021-37073, CVE-2021-37072, CVE-2021-37060, CVE-2021-37057, CVE-2021-37056, CVE-2021-37100, CVE-2021-37071, CVE-2021-37066, CVE-2021-37075, CVE-2021-37088, CVE-2021-37085, CVE-2021-37081, CVE-2021-37063, CVE-2021-37097, CVE-2021-37070, CVE-2021-37055, CVE-2021-37078, CVE-2021-37061, CVE-2021-37131, CVE-2021-37106, CVE-2021-37099, CVE-2021-37092, CVE-2021-37089, CVE-2021-37065, CVE-2021-37059, CVE-2021-37079, CVE-2021-37077, CVE-2021-37096, CVE-2021-37069, CVE-2021-37076, CVE-2021-37102, CVE-2021-37082, CVE-2021-37080, CVE-2021-37067, CVE-2021-37083, CVE-2021-37090, CVE-2021-37064, CVE-2021-37058, CVE-2021-37095, CVE-2021-37124

What Is Log4Shell? Log4j Vulnerability Explained | Perforce

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 16, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-4428

TOP LINE | Formaturas

Trust: 3.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: vivo model: vivo

How to secure Internet-connected devices from Log4j cyber threats

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 20, 2021, 2:56 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: apple model: iphone
vendor: huawei model: huawei
vendor: oneplus model: one
vendor: oneplus model: oneplus
vendor: samsung model: mobile
vendor: samsung model: samsung

Log4Shell Vulnerability Risks for OT Environments - and How You Can Better Protect Against Them

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 18, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: schneider model: monitor
db: NVD ids: CVE-2021-44228, CVE-2021-45046

FDA Warns of Apache Log4j Cybersecurity Vulnerabilities in Medical Devices - Campus Safety

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 21, 2021, 3:52 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs