Sign-up

VARIoT news about IoT security

PSIRT - Huawei

Trust: 3.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei

RedTeam Pentesting - Blog - Inside a PBX - Discovering a Firmware Backdoor

Trust: 3.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 20, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: lighttpd model: lighttpd
vendor: u-boot model: das u-boot
db: NVD ids: CVE-2021-40857, CVE-2021-40856, CVE-2021-40859

6 Ways to Quickly Detect a Log4Shell Exploit in Your Environment | Qualys Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 20, 2021, 5:41 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-4228, CVE-2021-45046

4 Steps to Improve Your Vulnerability Management Process

Trust: 3.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 4, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

Zloader Banking Malware Uses Microsoft E-Signature Tool Vulnerability to Steal Sensitive Credentials | Tech Times

Trust: 4.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 5, 2022, 2:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2020-1599, CVE-2012-0151, CVE-2013-3900

The securities vulnerabilities of Iot Devices in the Medical Field - Qualified Scholars

Trust: 3.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 8, 2022, 3:03 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: serve model: serve

CVE-2021-44832: New Vulnerability Found in Apache Log4j - Netskope

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011, VAR-202112-0562, VAR-202112-0566

Trust: 4.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44832, CVE-2021-45046, CVE-2021-44228

Security Notification - Apache Log4j Vulnerability (Log4Shell) | Schneider Electric

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782

Trust: 3.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105

Log4j: Tokyo Drift | Digital Shadows

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 4.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 22, 2021, 8:38 p.m.
 Vulnerabilities: denial of service, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Let's Check Your Device For Malicious Software Facebook Mac

Related entries in the VARIoT vulnerabilities database: VAR-202005-0698

Trust: 4.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 9, 2022, 3:53 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: serve model: serve
vendor: cisco model: prime network
vendor: cisco model: management appliance
vendor: cisco model: unified contact center express
vendor: cisco model: cisco prime network
vendor: cisco model: network registrar
vendor: cisco model: cisco unified contact center express
vendor: cisco model: prime collaboration
vendor: cisco model: prime collaboration provisioning
vendor: cisco model: mds 9000 series
vendor: cisco model: cisco prime collaboration provisioning
vendor: cisco model: prime network registrar
vendor: cisco model: cisco prime network registrar
vendor: cisco model: series
vendor: cisco model: mds 9000
vendor: cisco model: cisco prime collaboration
vendor: snort model: snort
db: NVD ids: CVE-2020-3280

Complete List of Vulnerabilities for SMEs (2014-2022) - Privacy Australia

Trust: 3.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 2, 2022, 2:34 p.m.
 Vulnerabilities: denial of service, injection attack, sql injection
Affected productsExternal IDs

Apple iOS device may crash this bug can become a problem HomeKit Vulnerability, Apple's iOS device " Press24 News English

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 5, 2022, 3:11 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: icloud

[no-title]

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Apache Log4j Vulnerability Guidance

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011, VAR-202112-0562

Trust: 5.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: information leak, code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: check point model: check point
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-4104, CVE-2021-44832, CVE-2021-45046

Apple iOS bug makes your iPhones vulnerable to ransomware attacks

Trust: 5.25

Fetched: Jan. 14, 2022, 11:34 a.m., Published: Jan. 6, 2022, 5:33 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: home
vendor: apple model: safari
vendor: apple model: iphone
vendor: apple model: icloud

Cyble - Log4j RCE 0-day Vulnerability in Java Actively Exploited

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.5

Fetched: Jan. 14, 2022, 11:34 a.m., Published: Dec. 13, 2021, 5:18 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: watch
db: NVD ids: CVE-2021-44228

Log4Shell (CVE-2021-44228) Vulnerability Detection and Remediation - Motorola Solutions Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.75

Fetched: Jan. 14, 2022, 11:34 a.m., Published: Dec. 16, 2021, 4:58 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: motorola model: motorola
db: NVD ids: CVE-2021-44228

‘Internet’s on Fire Right Now’: Millions of Devices at Risk Over New Software Vulnerability - The Thinking Conservative

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.75

Fetched: Jan. 14, 2022, 11:34 a.m., Published: Dec. 15, 2021, noon
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: canary model: canary
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228

Log4j Zero-Day Flaw: Update on the High-Profile Security Vulnerability |

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.75

Fetched: Jan. 14, 2022, 11:34 a.m., Published: Dec. 14, 2021, 5:11 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: zonealarm
vendor: check point model: check point
db: NVD ids: CVE-2021-44228

This serious macOS vulnerability could allow attackers to access all your private data | TechRadar

Related entries in the VARIoT vulnerabilities database: VAR-202108-1285

Trust: 6.0

Fetched: Jan. 14, 2022, 11:34 a.m., Published: Jan. 11, 2022, 11:30 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macbook
vendor: apple model: macos
vendor: apple model: icloud
db: NVD ids: CVE-2021-30970