Sign-up

VARIoT news about IoT security

Impact of Apache Log4j Vulnerabilities on NetBackup Appliances

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011, VAR-202112-0562

Trust: 4.75

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 18, 2022, 11:48 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: veritas model: netbackup appliance
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-4104, CVE-2021-44832, CVE-2021-45046

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | NewsRadio KFBK

Trust: 3.0

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Over 30% of Android devices have eavesdropping vulnerabilities - BU-CERT

Trust: 3.25

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 30, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-0663, CVE-2021-0673, CVE-2021-0661, CVE-2021-0662

PhonePe - Report Vulnerability

Trust: 3.0

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

DSA-2021-051: Dell EMC PowerFlex appliance Security Update for Multiple Third-Party Component Vulnerability | Dell Polska

Related entries in the VARIoT vulnerabilities database: VAR-202011-0064, VAR-202011-1362, VAR-202006-1686, VAR-202101-1926

Trust: 3.5

Fetched: Jan. 18, 2022, 11:47 a.m., Published: May 21, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell emc model: bios
vendor: dell model: bios
db: NVD ids: CVE-2020-0588, CVE-2020-8739, CVE-2020-8696, CVE-2020-0591, CVE-2020-8740, CVE-2020-0587, CVE-2020-0590, CVE-2020-0593, CVE-2020-8705, CVE-2020-8674, CVE-2021-3156, CVE-2020-0592, CVE-2020-8738

MyBook Users Urged to Unplug Devices from Internet - Krebs on Security

Related entries in the VARIoT vulnerabilities database: VAR-201906-0768

Trust: 4.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Sept. 30, 2021, midnight
 Vulnerabilities: command execution
Affected productsExternal IDs
db: NVD ids: CVE-2018-18472

NVD - CVE-2021-27410

Trust: 5.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-27410

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

NVD - CVE-2021-1585

Related entries in the VARIoT vulnerabilities database: VAR-202107-0426

Trust: 4.5

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: cisco systems model: adaptive_security_device_manager
vendor: cisco systems model: device manager
vendor: cisco systems model: asdm
vendor: cisco systems model: security device manager
vendor: cisco systems model: cisco systems
vendor: cisco systems model: adaptive security device manager
vendor: cisco model: adaptive_security_device_manager
vendor: cisco model: device manager
vendor: cisco model: asdm
vendor: cisco model: security device manager
vendor: cisco model: cisco systems
vendor: cisco model: adaptive security device manager
db: NVD ids: CVE-2021-1585

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Sept. 18, 2021, 10:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Acunetix Web Vulnerability Scanner - Test websites

Trust: 3.25

Fetched: Jan. 18, 2022, 11:46 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: cross-site request forgery, request forgery, sql injection...
Affected productsExternal IDs

Critical Vulnerabilities in Altus Sistemas de Automacao products

Trust: 5.25

Fetched: Jan. 18, 2022, 11:45 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: cross-site request forgery, parameter injection, request forgery...
Affected productsExternal IDs
vendor: codesys model: control
vendor: codesys model: runtime
vendor: codesys model: codesys
vendor: lighttpd model: lighttpd
db: NVD ids: CVE-2021-39243, CVE-2021-39245, CVE-2017-16544, CVE-2021-39244

[UPDATE] New Log4j Critical Vulnerability Scores a 10/10 (So Act Fast) | Community

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.0

Fetched: Jan. 18, 2022, 11:45 a.m., Published: Dec. 17, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Vulnerability in Android allows access to the device via video | Carding Forum for Professional Carders

Trust: 5.0

Fetched: Jan. 18, 2022, 11:44 a.m., Published: Dec. 13, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2019-2107

Why your IoT devices may be vulnerable to malware

Trust: 3.0

Fetched: Jan. 18, 2022, 11:44 a.m., Published: Nov. 25, 2021, midnight
 Vulnerabilities: default password
Affected productsExternal IDs

H-ISAC TLP White: Update: Log4j Vulnerability Affects Multiple Apache and Legacy Services; Exploit Code Publicly Released | AHA

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.75

Fetched: Jan. 18, 2022, 11:44 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2021-44228

Check Point Software discovers four vulnerabilities in MediaTek chips - Techzine Europe

Trust: 3.75

Fetched: Jan. 18, 2022, 11:43 a.m., Published: Nov. 26, 2021, 4:55 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
vendor: check point software technologies model: check point
db: NVD ids: CVE-2021-0663, CVE-2021-0673, CVE-2021-0661, CVE-2021-0662

Wi-Fi Routers At Risk, Hundreds Of Security Vulnerabilities Are Detected

Trust: 3.75

Fetched: Jan. 18, 2022, 11:43 a.m., Published: Oct. 18, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: d-link model: router
vendor: netgear model: router
vendor: linksys model: velop
vendor: asus model: gt-ax11000
vendor: asus model: asus
vendor: asus model: router

New Mirai Variant Exploits NAS Device Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202003-1707

Trust: 4.5

Fetched: Jan. 18, 2022, 11:43 a.m., Published: Sept. 17, 2021, midnight
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
vendor: palo alto networks model: palo alto networks
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo model: palo alto networks
vendor: palo model: networks
vendor: palo model: firewall
db: NVD ids: CVE-2020-9054