Sign-up

VARIoT news about IoT security

IoT Penetration Testing Cookbook: Identify vulnerabilities and secure your smart devices (English Edition) - IO Sales

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Serious security vulnerabilities in DRAM memory devices - Tech Xplore - Business Fast

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 16, 2021, 1:37 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dram model: dram

USB Devices the Common Denominator in All Attacks on Air-Gapped Systems - The Hack Posts

Trust: 3.75

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 3, 2021, 3:45 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2010-2568

Trusted Platform Module firmware vulnerability: technical documentation - The Chromium Projects

Trust: 3.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: weak password
Affected productsExternal IDs
vendor: infineon model: trusted platform
vendor: samsung model: note
vendor: samsung model: samsung
vendor: lenovo model: system
vendor: lenovo model: yoga
vendor: lenovo model: updates
vendor: lenovo model: flex
vendor: lenovo model: thinkpad
vendor: lenovo model: thinkpad 11e
vendor: lenovo model: thinkpad 13
vendor: google model: chrome
vendor: google model: pixel
vendor: google model: chrome os m63
vendor: google model: chrome os m61
vendor: google model: chrome os
vendor: google model: chrome os m62
vendor: asus model: asus

Top 7 Vulnerabilities In Android Applications 2022 -

Trust: 3.25

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: information leakage, configuration vulnerability, brute force attack
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android

Multiple vulnerabilities discovered in smart home devices - Help Net Security

Trust: 6.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: fibaro model: home center lite
vendor: fibaro model: fibaro home center lite
vendor: eq-3 model: ccu2
vendor: eq-3 model: homematic ccu2
db: NVD ids: cve-2021-44077, CVE-2021-44077

When is a Security Vulnerability Not a Vulnerability - Immersive Labs

Trust: 5.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 1, 2022, midnight
 Vulnerabilities: code execution, command execution, privilege escalation
Affected productsExternal IDs
vendor: citrix model: netscaler
db: NVD ids: CVE-2020-19781

Security response plan for unauthenticated RCE vulnerability (CVE-2021-44077) | ManageEngine ServiceDesk Plus

Trust: 3.25

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Sept. 16, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44077

NVD - CVE-2021-1419

Related entries in the VARIoT vulnerabilities database: VAR-202109-0233

Trust: 3.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: aironet_1850e
vendor: cisco model: aironet_4800_firmware
vendor: cisco model: catalyst_9800_firmware
vendor: cisco model: aironet_1850i
vendor: cisco model: aironet_1830i
vendor: cisco model: 1100
vendor: cisco model: wireless_lan_controller_software
vendor: cisco model: aironet_1830e
vendor: cisco model: aironet_4800
db: NVD ids: CVE-2021-1419

NVD - CVE-2021-41290

Trust: 5.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2021-41290

CVE security vulnerability database. Security vulnerabilities, exploits, references and more

Related entries in the VARIoT vulnerabilities database: VAR-202112-0132, VAR-202112-0395

Trust: 5.25

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: command execution, privilege escalation, control bypass...
Affected productsExternal IDs
vendor: quagga model: quagga
vendor: trend model: worry-free business security
vendor: trend model: password manager
vendor: trend model: micro worry-free business security
vendor: trend model: security
vendor: tenda model: ac15
vendor: zoho model: manageengine servicedesk plus
vendor: trend micro model: worry-free business security
vendor: trend micro model: password manager
vendor: trend micro model: micro worry-free business security
vendor: trend micro model: security
db: NVD ids: CVE-2021-44223, CVE-2021-44198, CVE-2021-44019, CVE-2021-44201, CVE-2021-44140, CVE-2021-44025, CVE-2021-44077, CVE-2021-44279, CVE-2021-44147, CVE-2021-44144, CVE-2013-0145, CVE-2021-44094, CVE-2021-44047, CVE-2021-44037, CVE-2021-44021, CVE-2021-44150, CVE-2021-44277, CVE-2021-44348, CVE-2021-44038, CVE-2021-44079, CVE-2021-44480, CVE-2021-44280, CVE-2021-44479, CVE-2021-44093, CVE-2021-44048, CVE-2021-44429, CVE-2021-44200, CVE-2021-44230, CVE-2021-44046, CVE-2021-44347, CVE-2021-44020, CVE-2021-44278, CVE-2021-44143, CVE-2021-44026, CVE-2021-44518, CVE-2021-44225, CVE-2021-44349, CVE-2021-44428, CVE-2021-44036, CVE-2021-44045, CVE-2021-44199, CVE-2009-1234, CVE-2021-44219, CVE-2021-44044, CVE-2021-44352, CVE-2021-44022, CVE-2021-44033, CVE-2021-44227, CVE-2021-44050, CVE-2021-44203, CVE-2021-44427, CVE-2021-44202

Security Flaw Discovered in MediaTek Smartphone Chip - IoT World Today

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 15, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 9, 2021, 11:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

NVD - CVE-2021-42111

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-42111, cve-2021-42111

Kali Linux Tools - GeeksforGeeks

Trust: 3.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: ollydbg model: ollydbg
vendor: google model: home
vendor: google model: wifi
vendor: wireshark model: wireshark

Category: Threats | Kaspersky official blog

Trust: 3.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-37975, CVE-2021-37974, CVE-2021-37976

Microsoft Patch Tuesday - November 2021 - Lansweeper

Related entries in the VARIoT vulnerabilities database: VAR-202111-0473, VAR-202111-0789, VAR-202111-0697, VAR-202111-0660

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 9, 2021, 7:30 p.m.
 Vulnerabilities: security feature bypass, denial of service, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2021-42323, CVE-2021-42304, CVE-2021-42283, CVE-2021-41373, CVE-2021-42321, CVE-2021-42322, CVE-2021-42305, CVE-2021-42277, CVE-2021-42298, CVE-2021-42292, CVE-2021-42276, CVE-2021-42319, CVE-2021-42285, CVE-2021-42280, CVE-2021-41376, CVE-2021-41368, CVE-2021-38631, CVE-2021-26443, CVE-2021-41372, CVE-2021-432083, CVE-2021-42288, CVE-2021-41351, CVE-2021-42303, CVE-2021-41356, CVE-2021-41370, CVE-2021-42300, CVE-2021-42301, CVE-2021-42296, CVE-2021-41379, CVE-2021-36957, CVE-2021-42279, CVE-2021-41377, CVE-2021-42274, CVE-2021-42275, CVE-2021-41371, CVE-2021-41374, CVE-2021-41375, CVE-2021-41378, CVE-2021-42286, CVE-2021-42278, CVE-2021-41349, CVE-2021-26444, CVE-2021-41367, CVE-2021-41366, CVE-2021-40442, CVE-2021-38666, CVE-2021-432093, CVE-2021-42284, CVE-2021-42287, CVE-2021-42316, CVE-2021-38665, CVE-2021-42291, CVE-2021-3711, CVE-2021-42282, CVE-2021-42302

Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS - Secure Cyber Solution

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: information disclosure, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2021-24084

Analysis of RDP Attack Surface and Its Security

Trust: 3.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: -
 Vulnerabilities: information leakage, integer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2020-11525, CVE-2020-15103

OT Vulnerability Assessments - ClemTech LLC, #1 Tool Available now

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 15, 2021, 8:17 p.m.
 Vulnerabilities: -
Affected productsExternal IDs