VARIoT latest news about IoT security

NVD - CVE-2021-37036 Related entries in the VARIoT vulnerabilities database: VAR-202111-1436 Trust: 5.5 Fetched: Dec. 30, 2021, 11:51 a.m., Published: -	Vulnerabilities: information leak, information leakage

Affected products

External IDs

vendor:	huawei	model:	ecns280_td_firmware
vendor:	huawei	model:	v100r005c00
vendor:	huawei	model:	huawei
vendor:	huawei	model:	fusioncompute

db:

NVD

ids:

CVE-2021-37036

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability - Cisco Trust: 4.0 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Oct. 27, 2021, 2:29 p.m.	Vulnerabilities: access control vulnerability

Affected products

External IDs

vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	firepower
vendor:	cisco	model:	asa software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	adaptive security appliance software
vendor:	cisco	model:	cisco adaptive security appliance software

Critical Apache Log4j Vulnerability Updates \| FortiGuard Labs Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-201803-1048, VAR-202112-0562 Trust: 4.25 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 21, 2021, 8 a.m.	Vulnerabilities: denial of service, information leak, code execution

Affected products

External IDs

vendor:	canary	model:	canary
vendor:	huawei	model:	huawei
vendor:	huawei	model:	hg532

db:

NVD

ids:

CVE-2021-26084, CVE-2021-45105, CVE-2021-44228, CVE-2017-17215, CVE-2021-4104, CVE-2021-45046

High Severity Security Flaw in Intel CPUs Allows Attackers to Access Encryption Keys and Bypass TPM, BitLocker, and DRM - CPO Magazine Trust: 4.0 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 3, 2021, 5:49 a.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

db:

NVD

ids:

CVE-2021-0146

SAM Name impersonation - Microsoft Tech Community Related entries in the VARIoT vulnerabilities database: VAR-202111-0660 Trust: 3.0 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 20, 2021, 4:31 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

db:

NVD

ids:

CVE-2021-42278, CVE-2021-42287

Vulnerabilities Can Allow Hackers to Tamper With Walk-Through Metal Detectors \| SecurityWeek.Com Trust: 4.75 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 17, 2022, midnight	Vulnerabilities: path traversal

Affected products

External IDs

vendor:

cisco

model:

router

Security warning: New zero-day in the Log4j Java library is already being exploited \| ZDNet Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 3.25 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 10, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

INTEL-SA-00646 Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562 Trust: 5.25 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 12, 2022, 6:26 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228, CVE-2021-45046

Security Notice: NVIDIA Response to Log4j Vulnerabilities - December 2021 \| NVIDIA Related entries in the VARIoT vulnerabilities database: VAR-202112-1782 Trust: 3.75 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 16, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

db:

NVD

ids:

CVE-2021-45105

Log4j vulnerability Protection for Endpoints - Check Point Software Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 5.0 Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 23, 2021, 10:48 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

check point

model:

check point

db:

NVD

ids:

CVE-2021-44228

Vulnerabilities identified in the Abode IOTA security system: Fake image injection into timeline Trust: 5.75 Fetched: Dec. 30, 2021, 11:51 a.m., Published: -	Vulnerabilities: command injection

Affected products

External IDs

vendor:	netgear	model:	orbi
vendor:	netgear	model:	router

db:

NVD

ids:

CVE-2020-8105

CVE-2021-45105: New DoS Vulnerability Found in Apache Log4j - Netskope Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562 Trust: 4.75 Fetched: Dec. 30, 2021, 11:51 a.m., Published: -	Vulnerabilities: denial of service, process crash, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Apache Log4j2 Remote Code Execution vulnerability CVE-2021-44228 Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 5.0 Fetched: Dec. 30, 2021, 11:51 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

vendor:

mesh

model:

mesh

db:

NVD

ids:

CVE-2021-44228

Instagram Trust: 3.5 Fetched: Dec. 30, 2021, 11:51 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

serve

model:

serve

Document - Notice: (Revision) Apache Software Log4j - Security Vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105, CVE-2021-44832) \| HPE Support Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011, VAR-202112-0562 Trust: 4.75 Fetched: Dec. 30, 2021, 11:51 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	aruba	model:	clearpass policy manager
vendor:	aruba	model:	arubaos
vendor:	aruba	model:	cx switches
vendor:	aruba	model:	clearpass
vendor:	aruba	model:	aruba instant
vendor:	aruba	model:	instant
vendor:	brocade	model:	fibre channel san

db:

NVD

ids:

CVE-2021-45105, CVE-2021-44228, CVE-2021-4104, CVE-2021-44832, CVE-2021-45046

Cisco : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202111-0393, VAR-202110-1402, VAR-202110-1353, VAR-202109-0631, VAR-202110-1367, VAR-202112-0566, VAR-202110-0203, VAR-202111-1198, VAR-202110-0617, VAR-202110-1395, VAR-202110-1305, VAR-202111-0417, VAR-202110-1298, VAR-202110-0212, VAR-202111-0401, VAR-202110-1286, VAR-202110-0623, VAR-202110-0211, VAR-202109-0622, VAR-202111-0418, VAR-202110-1366, VAR-202110-1375, VAR-202110-1350, VAR-202110-1352, VAR-202110-1354, VAR-202111-0413, VAR-202110-1377, VAR-202110-0622, VAR-202110-1392, VAR-202111-1197, VAR-202110-0213, VAR-202109-0623, VAR-202110-1394, VAR-202110-0619, VAR-202110-0618, VAR-202108-0824, VAR-202110-1393, VAR-202109-0617, VAR-202111-0412, VAR-202110-1376, VAR-202110-1065, VAR-202111-0419, VAR-202110-0209, VAR-202109-0618, VAR-202111-0400, VAR-202110-1297, VAR-202111-1196, VAR-202110-1351, VAR-202109-0624, VAR-202111-0664 Trust: 5.25 Fetched: Dec. 28, 2021, 9:20 a.m., Published: -	Vulnerabilities: directory traversal, improper validation, cross-site request forgery...

Affected products

External IDs

vendor:	mesh	model:	mesh
vendor:	snort	model:	snort
vendor:	cisco	model:	cisco prime infrastructure
vendor:	cisco	model:	telepresence management suite
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	meeting
vendor:	cisco	model:	cisco policy suite
vendor:	cisco	model:	prime infrastructure
vendor:	cisco	model:	webex meetings
vendor:	cisco	model:	firepower
vendor:	cisco	model:	evolved programmable network manager
vendor:	cisco	model:	cisco telepresence
vendor:	cisco	model:	unified communications
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	series routers
vendor:	cisco	model:	series
vendor:	cisco	model:	small business
vendor:	cisco	model:	roomos
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	cisco evolved programmable network manager
vendor:	cisco	model:	common services platform collector
vendor:	cisco	model:	policy suite
vendor:	cisco	model:	meeting server
vendor:	cisco	model:	cisco unified communications manager
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco meeting server
vendor:	cisco	model:	webex
vendor:	cisco	model:	web security appliance
vendor:	cisco	model:	telepresence collaboration endpoint
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	cisco meeting
vendor:	cisco	model:	small business rv
vendor:	cisco	model:	nexus
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco web security appliance
vendor:	cisco	model:	cisco webex meetings
vendor:	cisco	model:	cisco webex
vendor:	cisco	model:	umbrella
vendor:	cisco	model:	cisco telepresence management suite
vendor:	cisco	model:	anyconnect secure mobility client
vendor:	cisco	model:	webex video mesh
vendor:	cisco	model:	cisco roomos
vendor:	cisco	model:	dna center
vendor:	cisco	model:	small business rv series routers
vendor:	cisco	model:	cisco anyconnect secure mobility client
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-40126, CVE-2021-40125, CVE-2021-40114, CVE-2021-34771, CVE-2021-34763, CVE-2021-44228, CVE-2021-34782, CVE-2021-40129, CVE-2021-40123, CVE-2021-34781, CVE-2021-34761, CVE-2021-34784, CVE-2021-34755, CVE-2021-34766, CVE-2021-40115, CVE-2021-34754, CVE-2021-34760, CVE-2021-34758, CVE-2021-34746, CVE-2021-34774, CVE-2021-34764, CVE-2021-34794, CVE-2021-40118, CVE-2021-40116, CVE-2021-34787, CVE-2021-40120, CVE-2021-34792, CVE-2021-34789, CVE-2021-34791, CVE-2021-40130, CVE-2021-34772, CVE-2021-34759, CVE-2021-34783, CVE-2021-40121, CVE-2021-40122, CVE-2021-34749, CVE-2021-34790, CVE-2021-34785, CVE-2021-40124, CVE-2021-34793, CVE-2021-34762, CVE-2021-34773, CVE-2021-34748, CVE-2021-34786, CVE-2021-40128, CVE-2021-34756, CVE-2021-40131, CVE-2021-40117, CVE-2021-34765, CVE-2021-40119

Google Android : List of security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202112-0360, VAR-202110-0165, VAR-202112-0549, VAR-202112-0423, VAR-202112-0548, VAR-202112-0528, VAR-202110-0189, VAR-202110-0188, VAR-202110-0187 Trust: 4.25 Fetched: Dec. 28, 2021, 9:20 a.m., Published: -	Vulnerabilities: pointer dereference vulnerability, improper validation, input validation vulnerability...

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	samsung	model:	exynos
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	mobile
vendor:	google	model:	android

db:

NVD

ids:

CVE-2021-25510, CVE-2021-39646, CVE-2021-25512, CVE-2021-25483, CVE-2021-39637, CVE-2021-39645, CVE-2021-25513, CVE-2021-25485, CVE-2021-39643, CVE-2021-25515, CVE-2021-39653, CVE-2021-25519, CVE-2021-39636, CVE-2021-25511, CVE-2021-25482, CVE-2021-39642, CVE-2021-26687, CVE-2021-25516, CVE-2021-25514, CVE-2021-26689, CVE-2021-27901, CVE-2021-25474, CVE-2021-25501, CVE-2021-25463, CVE-2021-25486, CVE-2021-39655, CVE-2021-39656, CVE-2021-39650, CVE-2021-39640, CVE-2021-39652, CVE-2021-38591, CVE-2021-39657, CVE-2021-25517, CVE-2021-25484, CVE-2021-25473, CVE-2021-39649, CVE-2021-39648, CVE-2021-30162, CVE-2021-25502, CVE-2021-39651, CVE-2021-39644, CVE-2021-39647, CVE-2021-39639, CVE-2021-25462, CVE-2021-30161, CVE-2021-39638, CVE-2021-25518, CVE-2021-25472, CVE-2021-25490, CVE-2021-39641

SMA 100 flaws in SonicWall VPN expose devices to remote takeover Related entries in the VARIoT vulnerabilities database: VAR-202112-0732, VAR-202112-0730, VAR-202112-0425, VAR-202112-0424, VAR-202112-0361, VAR-202112-0389, VAR-202112-0731, VAR-202112-0426 Trust: 5.5 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 9, 2021, 4:18 p.m.	Vulnerabilities: buffer overflow, code execution, path traversal...

Affected products

External IDs

vendor:	sonicwall	model:	secure mobile access
vendor:	sonicwall	model:	sma 100
vendor:	sonicwall	model:	remote access

db:

NVD

ids:

CVE-2021-20040, CVE-2021-20042, CVE-2021-20044, CVE-2021-20045, CVE-2021-20038, CVE-2021-20039, CVE-2021-20041, CVE-2021-20043

Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 4.25 Fetched: Dec. 28, 2021, 9:20 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

VMware products threatened by log4j vulnerability CVE-2021-44228 \| Born's Tech and Windows World Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 6.25 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 14, 2021, 7:25 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

VARIoT news about IoT security