VARIoT latest news about IoT security

Home - Lighttpd - fly light Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

lighttpd

model:

lighttpd

Vulnerabilities in MediaTek chips expose millions of Android devices to eavesdropping - Games of News Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

Attackers Actively Target Windows Installer Zero-Day \| Threatpost Related entries in the VARIoT vulnerabilities database: VAR-202111-0697 Trust: 3.25 Fetched: Nov. 29, 2021, 2:59 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-41379

GovCERT.HK - Security Alert (A21-11-05): Multiple Vulnerabilities in Cisco Products Related entries in the VARIoT vulnerabilities database: VAR-202111-0402, VAR-202111-0412, VAR-202111-0664, VAR-202111-0413, VAR-202111-0421, VAR-202111-0400, VAR-202111-0420, VAR-202111-0419, VAR-202111-0417, VAR-202111-0418, VAR-202111-0401, VAR-202111-0393 Trust: 4.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: -	Vulnerabilities: cross-site request forgery, restriction bypass, code execution...

Affected products

External IDs

vendor:	cisco	model:	umbrella
vendor:	cisco	model:	unified communications
vendor:	cisco	model:	cisco policy suite
vendor:	cisco	model:	webex video mesh
vendor:	cisco	model:	anyconnect secure mobility client
vendor:	cisco	model:	cisco anyconnect secure mobility client
vendor:	cisco	model:	cisco prime infrastructure
vendor:	cisco	model:	webex
vendor:	cisco	model:	common services platform collector
vendor:	cisco	model:	series
vendor:	cisco	model:	cisco webex
vendor:	cisco	model:	email security appliance
vendor:	cisco	model:	small business series
vendor:	cisco	model:	policy suite
vendor:	cisco	model:	prime infrastructure
vendor:	cisco	model:	evolved programmable network manager
vendor:	cisco	model:	cisco email security appliance
vendor:	cisco	model:	small business series switches
vendor:	cisco	model:	series switches
vendor:	cisco	model:	prime access registrar
vendor:	cisco	model:	small business rv series routers
vendor:	cisco	model:	access registrar
vendor:	cisco	model:	small business
vendor:	cisco	model:	small business rv
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	series routers
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco small business
vendor:	mesh	model:	mesh

db:

NVD

ids:

CVE-2021-1500, CVE-2021-40124, CVE-2021-34795, CVE-2021-34739, CVE-2021-40119, CVE-2021-34741, CVE-2021-40113, CVE-2021-40120, CVE-2021-34701, CVE-2021-40128, CVE-2021-34731, CVE-2021-34773, CVE-2021-34784, CVE-2021-34774, CVE-2021-40115, CVE-2021-40126, CVE-2021-40112

Update now! Mozilla fixes security vulnerabilities in Firefox 94 \| Malwarebytes Labs Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 3, 2021, 2:23 p.m.	Vulnerabilities: memory corruption, cross-site scripting, use after free

Affected products

External IDs

db:

NVD

ids:

CVE-2021-38504, CVE-2021-38507, CVE-2021-38505, CVE-2021-38506, CVE-2021-38503

From the DevNet Create 2020 archive: OVAL for Vulnerability Assessment Automation - YouTube Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Sept. 3, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

cisco

model:

series

UK ISP Sky Left 6 Million Routers Vulnerable to Attack for Nearly 18 Months \| PCMag Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 6, 2022, midnight	Vulnerabilities: brute force attack, default credentials

Affected products	External IDs

Vulnerabilities Identified in Philips IntelliBridge, Patient Information Center and Efficia Patient Monitors Related entries in the VARIoT vulnerabilities database: VAR-202111-1714, VAR-202111-1713, VAR-202111-1712 Trust: 4.0 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 19, 2021, 2:01 p.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2021-43548, CVE-2021-32993, CVE-2021-43552, CVE-2021-33017

(Part 3) Key security vulnerabilities in IoT environment and how to effectively counteract them Trust: 3.75 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 10, 2021, midnight	Vulnerabilities: default password

Affected products	External IDs

MIRAT’s Vulnerability Scanners Make Sure Their Customer’s Businesses are Frisk-Free - iCrowdNewswire Trust: 3.0 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 16, 2021, 11:19 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

serve

model:

serve

eavesdropping vulnerabilities Archives • Penetration Testing Trust: 3.25 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 25, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-0662, CVE-2021-0661, CVE-2021-0663

Smart Home Devices. More Security Vulnerabilities. Daniel Wroclawski, Consumer Reports. - Cybercrime Magazine Podcast - Podcast en iVoox Trust: 3.25 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Jan. 10, 2022, midnight	Vulnerabilities: -

Affected products	External IDs

Vulnerabilities in MediaTek chips expose millions of Android devices to eavesdropping \| TechRadar Trust: 3.0 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 24, 2021, 4:48 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

Vulnerabilities in MediaTek chips expose millions of Android devices to eavesdropping \| TechRadar Trust: 3.0 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 24, 2021, 4:48 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

MediaTek chip vulnerabilities expose millions of Android devices to eavesdropping - TechRadar - OLTNEWS Trust: 3.0 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 25, 2021, 2:37 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

Mozilla disables ‘low usage’ encryption feature to resolve Thunderbird HTTP/2 vulnerability \| The Daily Swig Trust: 3.0 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 8, 2021, 4:13 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-38503, CVE-2021-38507, CVE-2021-38506

This chip flaw could have let malicious apps eavesdrop on Android phone users \| ZDNet Trust: 4.75 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 25, 2021, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	check point	model:	check point
vendor:	vivo	model:	vivo

db:

NVD

ids:

CVE-2021-0673, CVE-2021-0662, CVE-2021-0663, CVE-2021-0661

Vulnerabilities in MediaTek chips expose millions of Android devices to eavesdropping \| TechRadar Trust: 3.0 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Nov. 24, 2021, 4:48 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

NVD - CVE-2021-21744 Related entries in the VARIoT vulnerabilities database: VAR-202110-0398 Trust: 3.0 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-21744

BrakTooth Proof of Concept Tool Demonstrates Bluetooth Vulnerabilities \| CISA Trust: 3.25 Fetched: Nov. 26, 2021, 7:29 a.m., Published: Aug. 16, 2021, midnight	Vulnerabilities: code execution

Affected products	External IDs

VARIoT news about IoT security