Sign-up

VARIoT news about IoT security

Warning to Windows users after security hole is found which leaves computers vulnerable to hackers despite TWO updates

Related entries in the VARIoT vulnerabilities database: VAR-202111-0697

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 12, 2021, 6:56 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: google model: android
db: NVD ids: CVE-2021-41379

Log4Shell: The race is on to fix millions of systems and internet-connected devices • Graham Cluley

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, 11:37 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

CVE-2021-44228 vulnerability in Apache Log4j library | Securelist

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: 4.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44228

Around 300,000 MikroTik Devices Vulnerable to Hacker Intrusions

Related entries in the VARIoT vulnerabilities database: VAR-201803-2171, VAR-201910-0546, VAR-201808-0384, VAR-201910-0547

Trust: 5.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 10, 2021, 10:59 a.m.
 Vulnerabilities: buffer overflow, weak password, directory traversal
Affected productsExternal IDs
vendor: mikrotik model: winbox
vendor: mikrotik model: routers
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: routeros
vendor: mikrotik model: mikrotik
vendor: mikrotik model: router
db: NVD ids: CVE-2018-7445, CVE-2019-3977, CVE-2018-14847, CVE-2019-3978

Using DeceptionGrid to Detect and Defeat Exploits of Log4j Remote Code Execution (RCE) Vulnerability - TrapX Security

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 1:30 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-22005, CVE-2021-44228

US Warns Hundreds of Millions of Devices at Risk Over New Software Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 14, 2021, 10:35 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: canary model: canary
db: NVD ids: CVE-2021-44228

The Log4j bug exposes a bigger issue: Open-source funding (Updated)

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, 1:22 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Urgent Microsoft warning as hackers target huge weakness to hold you to ransom - how to protect yourself NOW

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 8:01 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
vendor: zoho model: manageengine adselfservice plus
db: NVD ids: CVE-2021-44228

13 Best VAPT Tools Ranked for 2021 (Paid, Free Trials & Open-source)

Trust: 3.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: netbsd model: current
vendor: netbsd model: netbsd
vendor: wireshark model: wireshark
vendor: cisco model: routers
vendor: aircrack-ng model: aircrack-ng

Launch extended detection and response steps to manage Log4j vulnerability - OpenText Blogs

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 12:25 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

‘Internet’s on Fire Right Now’: Millions of Devices at Risk Over New Software Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 11 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: canary model: canary
db: NVD ids: CVE-2021-44228

Vulnerability in Widely Used Logging System Could Be Behind Recent Cyber Attacks

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, 9:06 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Log4j: Just How Screwed Are We?

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 2:30 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: huawei model: huawei
vendor: huawei model: nice
vendor: check point model: check point
vendor: trendmicro model: security
vendor: blackberry model: blackberry
db: NVD ids: CVE-2021-45046, CVE-2021-44228

Multiple Vulnerabilities in Gryphon Tower Router - Research Advisory | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202112-0702, VAR-202112-0711, VAR-202112-0705, VAR-202112-0704, VAR-202112-0703, VAR-202112-0709, VAR-202112-0707, VAR-202112-0706, VAR-202112-0708, VAR-202112-0710

Trust: 5.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 7, 2021, 4:42 p.m.
 Vulnerabilities: cross-site scripting, remote command injection, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2021-20146, CVE-2021-20137, CVE-2021-20143, CVE-2021-20144, CVE-2021-20145, CVE-2021-20139, CVE-2021-20141, CVE-2021-20142, CVE-2021-20140, CVE-2021-20138

Explained: Why does the Log4j vulnerability have tech firms worried? | Explained News,The Indian Express

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 16, 2021, 3:59 a.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: icloud
vendor: check point model: check point
vendor: check point model: express
vendor: cisco model: meeting server
vendor: cisco model: webex
vendor: cisco model: meeting
vendor: cisco model: cisco webex
vendor: cisco model: webex meeting server
vendor: check point software technologies model: check point
vendor: check point software technologies model: express
db: NVD ids: CVE-2021-44228

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation - Securezoo

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Nov. 30, 2021, 5:22 p.m.
 Vulnerabilities: information disclosure, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2021-24084

Update on Our Response to the Log4j Vulnerability | Datadog

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0562, VAR-202112-0566

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 17, 2022, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-45046, CVE-2021-44228

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 9, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 4, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Update: Apache Log4J Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228