Sign-up

VARIoT news about IoT security

Security Vulnerabilities fixed in Firefox ESR 91.6 - Mozilla

Trust: [3.0, []]

Fetched: Feb. 24, 2022, 1:33 p.m., Published: -
 Vulnerabilities: memory corruption
Affected productsExternal IDs

Log4J2 Vulnerability to Zero-Day Exploit within CodeSonar and CodeSentry - GrammaTech

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-2011, VAR-202112-0562, VAR-202112-1782

Trust: [3.75, []]

Fetched: Feb. 24, 2022, 1:33 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, CVE-2021-45105

More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover. | ConspiracyRevelation.Com

Related entries in the VARIoT vulnerabilities database: VAR-202012-0977

Trust: [3.0, []]

Fetched: Feb. 22, 2022, 10:06 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2020-29583

Log4j Vulnerability Sparks a Warning From the FTC | Davis Wright Tremaine

Trust: [3.0, []]

Fetched: Feb. 18, 2022, 8:38 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) | Web Hosting Talk

Trust: [3.75, []]

Fetched: Feb. 16, 2022, 7:13 a.m., Published: -
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2021-4034

Vulnerability In This Cisco Software Could Allow Hackers Access | Mid-Atlantic Computer Solutions

Trust: 5.5

Fetched: Feb. 10, 2022, 2:48 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: staros
vendor: cisco model: cisco staros
db: NVD ids: CVE-2022-20649

Vulnerability In This Cisco Software Could Allow Hackers Access | The NIC GROUP INC.

Trust: 5.5

Fetched: Feb. 10, 2022, 2:48 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: staros
vendor: cisco model: cisco staros
db: NVD ids: CVE-2022-20649

Remote code execution vulnerability present in SonicWall SMA 100 series appliances | Cyber.gov.au

Related entries in the VARIoT vulnerabilities database: VAR-202112-0361

Trust: 5.75

Fetched: Feb. 10, 2022, 2:48 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: remote access
vendor: sonicwall model: sma 100
db: NVD ids: CVE-2021-20038

Alert Regarding Vulnerabilities in SonicWall SMA 100 Series

Related entries in the VARIoT vulnerabilities database: VAR-202112-0361

Trust: 4.75

Fetched: Feb. 10, 2022, 2:48 p.m., Published: -
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: sonicwall model: sma100
vendor: sonicwall model: sma 100
db: NVD ids: CVE-2021-20038

Researcher Reveals Alleged Zero-Day Vulnerabilities in NUUO NVRmini2 Recording Device - Annuaire 770

Trust: 5.5

Fetched: Feb. 10, 2022, 2:48 p.m., Published: -
 Vulnerabilities: code execution, path traversal, command injection
Affected productsExternal IDs
vendor: nuuo model: network video recorder
vendor: nuuo model: nvrmini2
db: NVD ids: CVE-2011-5325

log4shell/README.md at main · NCSC-NL/log4shell · GitHub

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011

Trust: 3.0

Fetched: Feb. 10, 2022, 2:48 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44832

Basefarm Blog - Security, Cloud and Big Data

Trust: 3.0

Fetched: Feb. 10, 2022, 2:48 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone

Vulnerability In This Cisco Software Could Allow Hackers Access | TRG Networking

Trust: 5.5

Fetched: Feb. 8, 2022, 12:54 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: staros
vendor: cisco model: cisco staros
db: NVD ids: CVE-2022-20649

Log4j: The Vulnerability and Solution | Developer.com

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011, VAR-202112-0566, VAR-202112-1782, VAR-202112-0562

Trust: 5.75

Fetched: Feb. 3, 2022, 11:02 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44832, CVE-2021-44228, CVE-2021-45105, CVE-2021-45046

How Hidden Vulnerabilities will Lead to Mobile Device Compromises - MalwareDefinition.com

Trust: 5.0

Fetched: Feb. 3, 2022, 11:02 a.m., Published: -
 Vulnerabilities: session hijacking
Affected productsExternal IDs
vendor: google model: wifi

Report: Fifty-three Percent of Connected Medical Devices Have a Vulnerability | Healthcare Innovation

Trust: 3.0

Fetched: Feb. 3, 2022, 11:02 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs

How Hidden Vulnerabilities will Lead to Mobile Device Compromises - MalwareDefinition.com

Trust: 5.0

Fetched: Feb. 3, 2022, 11:02 a.m., Published: -
 Vulnerabilities: session hijacking
Affected productsExternal IDs
vendor: google model: wifi

More Than Half of Medical Devices Have Critical Vulnerabilities | News | Communications of the ACM

Trust: 3.0

Fetched: Jan. 31, 2022, 10:16 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs

Over 300,000 MikroTik Devices Were Found Vulnerable to Remote Hacking Bugs - Airzero Sec

Related entries in the VARIoT vulnerabilities database: VAR-201910-0547, VAR-201808-0384, VAR-202111-0616, VAR-201910-0546, VAR-201803-2171

Trust: 5.5

Fetched: Jan. 31, 2022, 10:16 a.m., Published: -
 Vulnerabilities: directory traversal, buffer overflow, code execution
Affected productsExternal IDs
vendor: mikrotik model: router
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: routers
vendor: mikrotik model: winbox
vendor: mikrotik model: routeros
vendor: tp-link model: routers
db: NVD ids: CVE-2019-3978, CVE-2018-14847, CVE-2021-41653, CVE-2019-3977, CVE-2018-7445, CVE-2021-36260

Log4Shell: ESET blocks hundreds of thousands of attack attempts | ESET Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.0

Fetched: Jan. 31, 2022, 10:16 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228