Sign-up

VARIoT news about IoT security

NVD - CVE-2021-34793

Related entries in the VARIoT vulnerabilities database: VAR-202110-1376

Trust: 5.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco systems model: cisco adaptive security appliance
vendor: cisco systems model: asa_5545-x_firmware
vendor: cisco systems model: firepower
vendor: cisco systems model: firepower_threat_defense
vendor: cisco systems model: asa_5580
vendor: cisco systems model: asa_5505_firmware
vendor: cisco systems model: asa_5555-x_firmware
vendor: cisco systems model: asa_5585-x
vendor: cisco systems model: firepower threat defense
vendor: cisco systems model: asa_5580_firmware
vendor: cisco systems model: adaptive security appliance
vendor: cisco systems model: cisco systems
vendor: cisco systems model: adaptive_security_appliance
vendor: cisco systems model: asa_5585-x_firmware
vendor: cisco systems model: asa_5525-x_firmware
vendor: cisco systems model: asa_5505
vendor: cisco systems model: asa_5512-x_firmware
vendor: cisco systems model: asa_5515-x_firmware
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: asa_5545-x_firmware
vendor: cisco model: firepower
vendor: cisco model: firepower_threat_defense
vendor: cisco model: asa_5580
vendor: cisco model: asa_5505_firmware
vendor: cisco model: asa_5555-x_firmware
vendor: cisco model: asa_5585-x
vendor: cisco model: firepower threat defense
vendor: cisco model: asa_5580_firmware
vendor: cisco model: adaptive security appliance
vendor: cisco model: cisco systems
vendor: cisco model: adaptive_security_appliance
vendor: cisco model: asa_5585-x_firmware
vendor: cisco model: asa_5525-x_firmware
vendor: cisco model: asa_5505
vendor: cisco model: asa_5512-x_firmware
vendor: cisco model: asa_5515-x_firmware
db: NVD ids: CVE-2021-34793

Vulnerability Assessment API - Carbon Black Developer Network

Related entries in the VARIoT vulnerabilities database: VAR-202008-0248

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: directory traversal
Affected productsExternal IDs
db: NVD ids: CVE-2020-1472, CVE-0001-001, CVE-2007-4559, CVE-2014-4650, CVE-2001-1267, CVE-2020-1350

Weaknesses in health care system and device security - Pinnacle

Trust: 3.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security

HTTP and HTTPS Access Vulnerability | Allied Telesis

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 14, 2021, 9:42 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2018-8715

Vulnerability Assessment for Network Devices - Now More Than Ever! | BeyondTrust

Trust: 3.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: serve model: serve

Security Advisory for Fragment and Forge vulnerabilities on some WiFi capable devices, PSV-2021-0014 & PSV-2021-0080 | Answer | NETGEAR Support

Related entries in the VARIoT vulnerabilities database: VAR-202105-1431, VAR-202105-1477, VAR-202105-1432

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: netgear model: r7850
vendor: netgear model: rbw30
vendor: netgear model: rbr40
vendor: netgear model: rbr750
vendor: netgear model: wn3000rpv2
vendor: netgear model: r7000p
vendor: netgear model: rbs750
vendor: netgear model: rbr50
vendor: netgear model: rax45
vendor: netgear model: rax120
vendor: netgear model: ex6410
vendor: netgear model: router
vendor: netgear model: ex6400v2
vendor: netgear model: ex7000
vendor: netgear model: r6700v3
vendor: netgear model: r7900p
vendor: netgear model: ex3700
vendor: netgear model: r8300
vendor: netgear model: ex7500
vendor: netgear model: rax35
vendor: netgear model: r6900p
vendor: netgear model: ex6130
vendor: netgear model: ex7700
vendor: netgear model: r6220
vendor: netgear model: rax15
vendor: netgear model: xr300
vendor: netgear model: rbs50
vendor: netgear model: r8500
vendor: netgear model: r7900
vendor: netgear model: orbi
vendor: netgear model: r6400v2
vendor: netgear model: r8000p
vendor: netgear model: ex2700
vendor: netgear model: r6350
vendor: netgear model: r6020
vendor: netgear model: r7000
vendor: netgear model: r6850
vendor: netgear model: r6120
vendor: netgear model: rbr20
vendor: netgear model: srs60
vendor: netgear model: r6230
vendor: netgear model: mr60
vendor: netgear model: ex6150v2
vendor: netgear model: ex8000
vendor: netgear model: wac505
vendor: netgear model: ex6200v2
vendor: netgear model: rbs850
vendor: netgear model: ex3800
vendor: netgear model: rs400
vendor: netgear model: c6900
vendor: netgear model: ex6250
vendor: netgear model: ex6420
vendor: netgear model: wn3000rpv3
vendor: netgear model: rbs10
vendor: netgear model: r7100lg
vendor: netgear model: rbs40
vendor: netgear model: rbr850
vendor: netgear model: rbs50y
vendor: netgear model: ex6120
vendor: netgear model: dc112a
vendor: netgear model: rax40
vendor: netgear model: rax20
vendor: netgear model: ex6100v2
vendor: netgear model: r6400
vendor: netgear model: ex7300v2
vendor: netgear model: rbs20
vendor: netgear model: ex7320
vendor: netgear model: r8000
vendor: netgear model: rax38
vendor: netgear model: r6080
vendor: netgear model: lax20
vendor: netgear model: r6260
vendor: netgear model: srr60
vendor: netgear model: rbr10
vendor: netgear model: wac510
vendor: netgear model: rax50
vendor: netgear model: r6700v2
vendor: netgear model: lbr20
vendor: mesh model: mesh
db: NVD ids: CVE-2020-24588, CVE-2020-26146, CVE-2020-24587

NVD - CVE-2021-34783

Related entries in the VARIoT vulnerabilities database: VAR-202110-1394

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: asa_5580_firmware
vendor: cisco model: adaptive_security_appliance
vendor: cisco model: asa_5545-x_firmware
vendor: cisco model: asa_5580
vendor: cisco model: asa_5505_firmware
vendor: cisco model: asa_5555-x_firmware
vendor: cisco model: asa_5585-x
vendor: cisco model: asa_5525-x_firmware
vendor: cisco model: asa_5585-x_firmware
vendor: cisco model: asa_5505
vendor: cisco model: asa_5512-x_firmware
vendor: cisco model: asa_5515-x_firmware
db: NVD ids: CVE-2021-34783

IoT Devices Affected by Multiple Vulnerabilities in Realtek WiFi Modules

Trust: 3.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-35392

Out-of-Bounds Vulnerabilities in OpenSSL - Security Advisory | QNAP (US)

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-3711, CVE-2021-3712

Meltdown and Spectre Vulnerabilities | Allied Telesis

Related entries in the VARIoT vulnerabilities database: VAR-201801-0826, VAR-201801-1711, VAR-201801-1712

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2017-5715, CVE-2017-5754, CVE-2017-5753

Unpatched, Unprepared, Unprotected: How Critical Device Vulnerabilities Remain Unaddressed

Trust: 3.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: schneider model: modicon m580
vendor: schneider model: m580
vendor: schneider model: modicon plc
vendor: schneider model: monitor
vendor: ring model: ring
vendor: cisco model: routers
vendor: schneider electric model: modicon m580
vendor: schneider electric model: m580
vendor: schneider electric model: modicon plc
vendor: schneider electric model: monitor

Mobile vulnerabilities: What they are and how they impact the enterprise

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

FabulaTech USB device vulnerability exposes devices to risk - TechRepublic

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
db: NVD ids: CVE-2002-9332, CVE-2020-9332

PTES Technical Guidelines - The Penetration Testing Execution Standard

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 1, 2022, midnight
 Vulnerabilities: replay attack, data injection, file inclusion...
Affected productsExternal IDs
vendor: essential model: phone
vendor: novell model: client
vendor: novell model: netware
vendor: sony computer entertainment model: camera
vendor: netgear model: router
vendor: serve model: serve
vendor: barracuda model: running
vendor: barracuda model: web application firewall
vendor: barracuda model: barracuda
vendor: citrix model: gateway
vendor: rapid model: scada
vendor: aircrack-ng model: aircrack-ng
vendor: cisco systems model: guard
vendor: cisco systems model: cisco ios
vendor: cisco systems model: router
vendor: cisco systems model: wireless access point
vendor: cisco systems model: ip phone
vendor: cisco systems model: catalyst
vendor: cisco systems model: meeting
vendor: cisco systems model: network access control
vendor: cisco systems model: access points
vendor: cisco systems model: routers
vendor: cisco systems model: cisco systems
vendor: cisco systems model: hsrp
vendor: cisco systems model: series
vendor: cisco systems model: eigrp
vendor: cisco systems model: support tools
vendor: cisco systems model: leap
vendor: asterisk model: open source
vendor: canary model: canary
vendor: wireshark model: wireshark
vendor: sonicwall model: switch
vendor: sonicwall model: analyzer
vendor: sonicwall model: web application firewall
vendor: google model: wifi
vendor: google model: home
vendor: cisco model: guard
vendor: cisco model: cisco ios
vendor: cisco model: router
vendor: cisco model: wireless access point
vendor: cisco model: ip phone
vendor: cisco model: catalyst
vendor: cisco model: meeting
vendor: cisco model: network access control
vendor: cisco model: access points
vendor: cisco model: routers
vendor: cisco model: cisco systems
vendor: cisco model: hsrp
vendor: cisco model: series
vendor: cisco model: eigrp
vendor: cisco model: support tools
vendor: cisco model: leap
vendor: mesh model: mesh
vendor: hewlett packard model: hp-ux
vendor: hewlett packard model: integrity
vendor: hewlett packard model: stream
vendor: hewlett packard model: switches
vendor: hewlett packard model: hewlett packard
vendor: palo model: firewall
vendor: palo model: networks
vendor: sony model: camera
vendor: modbus model: slave

Internet of things - Wikipedia

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 1, 2022, midnight
 Vulnerabilities: injection attack, default credentials, weak password...
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: huawei model: smart phones
vendor: serve model: serve
vendor: rising model: antivirus
vendor: home assistant model: assistant
vendor: schneider model: concept
vendor: schneider model: software update
vendor: schneider model: modbus
vendor: schneider model: monitor
vendor: samsung smartthings model: printers
vendor: samsung smartthings model: samsung
vendor: samsung smartthings model: smartthings hub
vendor: samsung smartthings model: mobile
vendor: samsung smartthings model: note
vendor: samsung smartthings model: mobile devices
vendor: samsung smartthings model: notes
vendor: smartthings model: smartthings hub
vendor: samsung model: printers
vendor: samsung model: samsung
vendor: samsung model: smartthings hub
vendor: samsung model: mobile
vendor: samsung model: note
vendor: samsung model: mobile devices
vendor: samsung model: notes
vendor: lenovo model: updates
vendor: lenovo model: edge
vendor: lenovo model: system
vendor: mikrotik model: mikrotik
vendor: mikrotik model: routers
vendor: domoticz model: domoticz
vendor: mesh model: mesh
vendor: trend model: security
vendor: trend model: antivirus
vendor: cisco systems model: meeting
vendor: cisco systems model: routers
vendor: cisco systems model: cisco systems
vendor: cisco systems model: h
vendor: cisco systems model: service management
vendor: cisco systems model: series
vendor: cisco systems model: spark
vendor: google model: google home
vendor: google model: android
vendor: google model: home
vendor: cisco model: meeting
vendor: cisco model: routers
vendor: cisco model: cisco systems
vendor: cisco model: h
vendor: cisco model: service management
vendor: cisco model: series
vendor: cisco model: spark
vendor: ring model: ring
vendor: sony model: camera
vendor: sony model: playstation 3
vendor: sony model: playstation
vendor: notion model: bridge
vendor: dahua model: camera
vendor: apple model: iphone
vendor: apple model: watch

A New Citrix Device Vulnerability Has Been Discovered

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: citrix model: application delivery controller
vendor: citrix model: gateway
vendor: citrix model: sd-wan wanop
db: NVD ids: CVE-2019-19781

ManageEngine NetFlow Analyzer Read Me

Related entries in the VARIoT vulnerabilities database: VAR-201806-1164, VAR-201806-1163, VAR-201911-1328

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 17, 2022, midnight
 Vulnerabilities: sql injection, cross-site scripting, code execution...
Affected productsExternal IDs
vendor: essential model: phone
vendor: huawei model: huawei
vendor: huawei model: webui
vendor: trend model: security
vendor: axis model: axis
vendor: pfsense model: pfsense
vendor: zoho model: manageengine oputils
vendor: zoho model: manageengine applications manager
vendor: zoho model: manageengine opmanager
vendor: zoho model: manageengine netflow analyzer
vendor: zoho model: opmanager
vendor: zoho model: oputils
vendor: zoho model: manageengine servicedesk plus
vendor: google model: nexus
vendor: google model: android
vendor: google model: google chrome
vendor: google model: chrome
vendor: aruba model: instant
vendor: cisco model: cisco ios
vendor: cisco model: router
vendor: cisco model: nexus
vendor: cisco model: quad
vendor: cisco model: access points
vendor: cisco model: aireos
vendor: cisco model: routers
vendor: cisco model: technical support
vendor: cisco model: wireless lan controller
vendor: cisco model: wide area application services
vendor: cisco model: wireless lan controllers
vendor: cisco model: series
vendor: cisco model: wireless controller
vendor: cisco model: cisco routers
vendor: cisco model: spark
vendor: palo model: firewall
vendor: palo model: networks
vendor: jquery model: jquery
db: NVD ids: CVE-2019-8929, CVE-2019-7427, CVE-2018-12998, CVE-2018-12997, CVE-2019-7423, CVE-2018-10803, CVE-2020-11946, CVE-2019-8926, CVE-2019-12196, CVE-2020-12116, CVE-2021-20078, CVE-2021-3287, CVE-2021-41075, CVE-2019-8927, CVE-2019-17421, CVE-2018-19403, CVE-2019-7425, CVE-2019-7424, CVE-2020-10541, CVE-2017-11560, CVE-2019-8928, CVE-2019-7422, CVE-2019-7426, CVE-2008-0128, CVE-2021-44514, CVE-2019-8925

Top 10 IoT Security Issues: Ransom, Botnet Attacks, Spying

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: serve model: serve
vendor: trend model: security

NVD - CVE-2021-1592

Trust: 5.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco systems model: ucs manager
vendor: cisco systems model: cisco systems
vendor: cisco systems model: cisco ucs manager
vendor: cisco systems model: unified_computing_system
vendor: cisco model: ucs manager
vendor: cisco model: cisco systems
vendor: cisco model: cisco ucs manager
vendor: cisco model: unified_computing_system
db: NVD ids: CVE-2021-1592

Device Vulnerabilities in the Connected Home

Related entries in the VARIoT vulnerabilities database: VAR-201505-0274

Trust: 6.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: command execution, command injection, buffer overflow...
Affected productsExternal IDs
vendor: realtek model: realtek sdk
vendor: d-link model: eyeon baby monitor
vendor: d-link model: dcs-825l
vendor: d-link model: router
vendor: buffalo model: wsr-300hp
vendor: buffalo model: router
vendor: trend micro model: security
vendor: trend micro model: home network security
vendor: dahua model: ptz camera
vendor: dahua model: camera
vendor: dahua model: ip camera
vendor: belkin model: router
vendor: trend model: security
vendor: trend model: home network security
db: NVD ids: CVE-2014-8361