VARIoT latest news about IoT security

INTEL-SA-00554 Related entries in the VARIoT vulnerabilities database: VAR-202111-1629 Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 9, 2021, 5:43 p.m.	Vulnerabilities: improper access control, denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2021-0200, CVE-2021-0199, CVE-2021-0197, CVE-2021-0198

Synopsys Research Finds Vulnerabilities in 97% of Applications, 36% Impacted by Critical- or High-Risk Vulnerabilities - EEJournal Trust: 4.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 16, 2021, 5:35 p.m.	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:

google

model:

android

A Vulnerability in Microsoft Edge Could Allow for Arbitrary Code Execution Trust: 3.25 Fetched: Nov. 29, 2021, 2:59 p.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-43221

OnePlus Nord 2 is exposed to a dangerous vulnerability - Real Mi Central Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 27, 2021, 7:56 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

oneplus

model:

oneplus

CVE-2021-38685 : A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability all Trust: 5.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 9, 2021, midnight	Vulnerabilities: command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2021-38685, CVE-2009-1234

OnePlus Nord 2 has a vulnerability that grants root shell access within minutes on a locked bootloader, without a data wipe Trust: 3.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, 1:05 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	samsung	model:	note
vendor:	samsung	model:	samsung
vendor:	oneplus	model:	oneplus
vendor:	oneplus	model:	oxygenos
vendor:	oneplus	model:	one

A Vulnerability in Fortinet FortiWeb Could Allow for Arbitrary Code Execution. Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 7, 2022, 7:33 p.m.	Vulnerabilities: code execution

Affected products	External IDs

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerability - Cisco Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Oct. 27, 2021, 2:29 p.m.	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:	cisco	model:	anyconnect ssl vpn
vendor:	cisco	model:	cisco adaptive security appliance software
vendor:	cisco	model:	firepower
vendor:	cisco	model:	device manager
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	clientless ssl vpn
vendor:	cisco	model:	adaptive security appliance software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	asa software
vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	cisco firepower management center

Vulnerabilities in MediaTek chipset could have led to spying on Android users Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 25, 2021, 6 a.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	xiaomi	model:	redmi
vendor:	xiaomi	model:	miui
vendor:	vivo	model:	vivo
vendor:	oneplus	model:	oneplus
vendor:	google	model:	android
vendor:	check point	model:	check point

db:

NVD

ids:

CVE-2021-0662, CVE-2021-0661, CVE-2021-0663, CVE-2021-0673

New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Sept. 2, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28139

Vulnerabilities in TCP/IP stack may affect millions of devices, warn researchers \| IT World Canada News Trust: 3.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: April 15, 2021, 3:56 p.m.	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:	treck	model:	tcp/ip stack
vendor:	siemens	model:	nucleus net
vendor:	siemens	model:	nucleus rtos
vendor:	siemens	model:	vstar
vendor:	siemens	model:	nucleus 4
vendor:	siemens	model:	nucleus readystart
vendor:	siemens	model:	nucleus source code
vendor:	siemens	model:	nucleus

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices - My Blog Trust: 4.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 6, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	tp-link	model:	ac1750
vendor:	tp-link	model:	routers

Netgear Patches Code Execution Vulnerability Affecting Many Products \| All the news of the world, England, Europe, US on the news portal Related entries in the VARIoT vulnerabilities database: VAR-202111-0632 Trust: 5.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 13, 2022, midnight	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	netgear	model:	netgear router
vendor:	netgear	model:	netgear router firmware
vendor:	netgear	model:	router

db:

NVD

ids:

CVE-2021-34991

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices_HackDig Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 6, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	tp-link	model:	ac1750
vendor:	tp-link	model:	routers

Vulnerability in Cisco security devices could cause firewalls to fail \| Communications Today Related entries in the VARIoT vulnerabilities database: VAR-202005-0696, VAR-202005-0685, VAR-202007-1057, VAR-202110-1796 Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, 8:05 a.m.	Vulnerabilities: buffer overflow, denial of service

Affected products

External IDs

vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	device manager
vendor:	cisco	model:	firepower

db:

NVD

ids:

CVE-2020-3259, CVE-2020-3187, CVE-2020-3452, CVE-2021-34704

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices \| IT Security News Related entries in the VARIoT vulnerabilities database: VAR-201906-1344 Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, 3:13 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	tp-link	model:	routers
vendor:	asus	model:	router
vendor:	asus	model:	asus

db:

NVD

ids:

CVE-2019-7406

Cisco vulnerability could cause your firewalls to fail \| TechRadar Related entries in the VARIoT vulnerabilities database: VAR-202110-1796 Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 23, 2021, 3:20 a.m.	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-34704

Cisco vulnerability could cause your firewalls to fail \| TechRadar Related entries in the VARIoT vulnerabilities database: VAR-202110-1796 Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 23, 2021, 3:20 a.m.	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-34704

A Study Reveals That A Vulnerability Found In MediaTek Chips Is Leaving Smartphone Microphones Completely Wide Open To Foreign Threats / Digital Information World Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

Synopsys Research Finds Vulnerabilities in 97% of Applications - EE Times Asia Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 18, 2021, 1:09 a.m.	Vulnerabilities: cross-site scripting

Affected products	External IDs

VARIoT news about IoT security