Sign-up

VARIoT news about IoT security

The Top 5 Bluetooth Security Vulnerabilities

Trust: 4.75

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: raspberry pi model: 3

Smart Yet Flawed: IoT Device Vulnerabilities Explained - Security News

Related entries in the VARIoT vulnerabilities database: VAR-202003-1707

Trust: 4.25

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: denial of service, default credentials
Affected productsExternal IDs
vendor: serve model: serve
vendor: trend micro model: home network security
vendor: trend micro model: security
vendor: sonos model: sonos
vendor: trend model: home network security
vendor: trend model: security
db: NVD ids: CVE-2020-9054

DHS CISA: Serious Vulnerabilities Found in 6 Medical Device Systems

Trust: 3.5

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: baxter model: prismax
vendor: baxter model: prismaflex
vendor: baxter model: spectrum infusion system
vendor: baxter model: wireless battery module

Moxa NPort Device Vulnerabilities (Update B) | CISA

Related entries in the VARIoT vulnerabilities database: VAR-201702-0860, VAR-201702-0862, VAR-201702-0593, VAR-201702-0594, VAR-201702-0595, VAR-201702-0596, VAR-201702-0597, VAR-201702-0851

Trust: 4.75

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: request forgery, code execution, cross-site request forgery...
Affected productsExternal IDs
vendor: moxa model: nport 5600 series
vendor: moxa model: nport 5200a series
vendor: moxa model: nport 5600-dt/dtl
vendor: moxa model: nport 5400 series
vendor: moxa model: nport p5150a
vendor: moxa model: nport
vendor: moxa model: nport 5200a
vendor: moxa model: nport 5100a series
vendor: moxa model: nport 5100a
vendor: moxa model: nport 5200 series
vendor: moxa model: nport p5150a series
vendor: moxa model: nport 5x50ai-m12
vendor: moxa model: moxa
vendor: moxa model: nport 5100 series
db: ICS CERT ids: ICSA-16-336-02
db: ICS CERT ALERT ids: ICS-ALERT-10-301-01, ICS-ALERT-16-099-01B, ICS-ALERT-16-099-01A, ICS-ALERT-16-099-01
db: US CERT ids: ICSA-16-336-02

Insulin pumps among millions of devices facing risk from newly disclosed cyber vulnerability, IBM says | MedTech Dive

Trust: 4.75

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: cve-2020-15858

NVD - CVE-2021-27408

Trust: 4.75

Fetched: Dec. 16, 2021, 3:47 p.m., Published: Jan. 1, 2022, midnight
 Vulnerabilities: code execution, information leakage
Affected productsExternal IDs
db: NVD ids: CVE-2021-27408

Android Devices and Vulnerabilities - SC Dashboard | TenableĀ®

Trust: 4.0

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Cisco IOS : List of security vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-201909-0158, VAR-201810-0561, VAR-201903-0559, VAR-202109-0601, VAR-201810-0345, VAR-201903-0571, VAR-201810-0565, VAR-202009-0479, VAR-201810-0569, VAR-201909-0165, VAR-202109-0747, VAR-201909-0160, VAR-201810-0351, VAR-201810-0346, VAR-201909-0184, VAR-202006-1148, VAR-201903-0569, VAR-201903-0563, VAR-202006-1097, VAR-202006-1093, VAR-201901-0473, VAR-202006-1151, VAR-201903-0565, VAR-201909-0181, VAR-201903-0599, VAR-201810-0568, VAR-202103-0545, VAR-202103-0537, VAR-201909-0166, VAR-201909-0186, VAR-201909-1523, VAR-201903-0574, VAR-201903-0595, VAR-202009-1160, VAR-201903-0592, VAR-201810-0339, VAR-202103-0540, VAR-201903-0600, VAR-202103-0550, VAR-201903-0558, VAR-202006-1150, VAR-201810-0567, VAR-201909-0161, VAR-201903-0597, VAR-202006-1095, VAR-202006-1098, VAR-201903-0567, VAR-202006-1092, VAR-202006-1084, VAR-201903-0596

Trust: 5.25

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: memory corruption, denial of service, improper memory handling...
Affected productsExternal IDs
vendor: cisco model: hsrp
vendor: cisco model: nx-os
vendor: cisco model: ios software
vendor: cisco model: cisco ios
vendor: cisco model: series switches
vendor: cisco model: routers
vendor: cisco model: 4451-x
vendor: cisco model: integrated services router
vendor: cisco model: integrated services routers
vendor: cisco model: catalyst 2960-l series switches
vendor: cisco model: catalyst 6500 series
vendor: cisco model: ios xe
vendor: cisco model: cisco iox
vendor: cisco model: ios xr
vendor: cisco model: iox application
vendor: cisco model: nx-os software
vendor: cisco model: ios xr software
vendor: cisco model: catalyst cdb-8p switches
vendor: cisco model: catalyst
vendor: cisco model: catalyst 6500
vendor: cisco model: cisco nx-os
vendor: cisco model: isr g2
vendor: cisco model: isr4451
vendor: cisco model: isr4451-x
vendor: cisco model: ios xe software
vendor: cisco model: cisco iox application
vendor: cisco model: 4451-x integrated services router
vendor: cisco model: cisco ios xe
vendor: cisco model: industrial integrated services routers
vendor: cisco model: cisco ios xr
vendor: cisco model: series
vendor: cisco model: router
db: NVD ids: CVE-2019-12649, CVE-2018-15369, CVE-2019-1748, CVE-2021-34705, CVE-2018-0473, CVE-2019-1756, CVE-2018-15373, CVE-2019-16009, CVE-2018-15377, CVE-2019-12655, CVE-2021-34699, CVE-2019-12650, CVE-2018-0485, CVE-2018-0475, CVE-2019-12670, CVE-2020-3201, CVE-2019-1758, CVE-2019-1752, CVE-2020-3230, CVE-2020-3226, CVE-2018-0484, CVE-2020-3200, CVE-2019-1757, CVE-2019-12668, CVE-2019-1739, CVE-2018-15376, CVE-2021-1385, CVE-2021-1392, CVE-2019-12656, CVE-2019-12672, CVE-2019-12665, CVE-2019-1762, CVE-2019-1746, CVE-2020-3476, CVE-2019-1737, CVE-2018-0466, CVE-2021-1377, CVE-2019-1738, CVE-2009-1234, CVE-2021-1391, CVE-2019-1761, CVE-2020-3204, CVE-2018-15375, CVE-2019-12651, CVE-2019-1740, CVE-2020-3228, CVE-2020-3231, CVE-2019-1751, CVE-2020-3225, CVE-2020-3217, CVE-2019-1747

Series of Zero-Day Vulnerabilities Could Endanger 200 Million Devices

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.5

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: code execution, denial of service, information leak
Affected productsExternal IDs
db: NVD ids: cve-2021-44228, CVE-2021-44228

NVD - CVE-2020-9054

Related entries in the VARIoT vulnerabilities database: VAR-202003-1707

Trust: 3.75

Fetched: Dec. 16, 2021, 3:47 p.m., Published: Jan. 5, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: zyxel model: usg310
vendor: zyxel model: usg60
vendor: zyxel model: vpn300
vendor: zyxel model: zywall1100
vendor: zyxel model: usg60w_firmware
vendor: zyxel model: usg60w
vendor: zyxel model: vpn1000
vendor: zyxel model: nas542_firmware
vendor: zyxel model: usg20-vpn_firmware
vendor: zyxel model: vpn100_firmware
vendor: zyxel model: nas520
vendor: zyxel model: vpn100
vendor: zyxel model: usg20w-vpn
vendor: zyxel model: usg20w-vpn_firmware
vendor: zyxel model: zywall1100_firmware
vendor: zyxel model: atp100_firmware
vendor: zyxel model: usg110_firmware
vendor: zyxel model: zywall110_firmware
vendor: zyxel model: usg310_firmware
vendor: zyxel model: vpn1000_firmware
vendor: zyxel model: usg40w_firmware
vendor: zyxel model: zywall310
vendor: zyxel model: vpn300_firmware
vendor: zyxel model: usg1100_firmware
vendor: zyxel model: nas542
vendor: zyxel model: vpn50
vendor: zyxel model: vpn50_firmware
vendor: zyxel model: nas326_firmware
vendor: zyxel model: usg1900
vendor: zyxel model: usg210_firmware
vendor: zyxel model: usg1100
vendor: zyxel model: atp500_firmware
vendor: zyxel model: atp100
vendor: zyxel model: nas326
vendor: zyxel model: usg60_firmware
vendor: zyxel model: zywall110
vendor: zyxel model: atp200_firmware
vendor: zyxel model: zywall310_firmware
vendor: zyxel model: usg1900_firmware
vendor: zyxel model: nas520_firmware
vendor: zyxel model: usg210
vendor: zyxel model: usg20-vpn
vendor: zyxel model: usg40
vendor: zyxel model: usg2200_firmware
vendor: zyxel model: usg2200
vendor: zyxel model: usg40_firmware
vendor: zyxel model: atp500
vendor: zyxel model: nas540_firmware
vendor: zyxel model: usg110
vendor: zyxel model: atp200
vendor: zyxel model: atp800_firmware
vendor: zyxel model: nas540
vendor: zyxel model: atp800
vendor: zyxel model: usg40w
db: NVD ids: CVE-2020-9054

Bluetooth Spoofing Bug Affects Billions of IoT Devices | Threatpost

Related entries in the VARIoT vulnerabilities database: VAR-202004-1957

Trust: 3.25

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: cve-2020-9770, CVE-2020-9770

Recent Cyberattack Reveals Reality of Smart Home Device Vulnerability

Trust: 3.5

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: denial of service, default password
Affected productsExternal IDs

Medical device vulnerability scoring flaws put patientsā€™ lives at risk

Related entries in the VARIoT vulnerabilities database: VAR-201906-1020

Trust: 4.0

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: medtronic model: paradigm
db: NVD ids: CVE-2019-10964

Billions of devices affected by UPnP vulnerability - Naked Security

Related entries in the VARIoT vulnerabilities database: VAR-202006-0391

Trust: 3.25

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2020-12695

Top 15 Paid and Free Vulnerability Scanner Tools - DNSstuff

Trust: 3.25

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: sql injection, path traversal, cross-site scripting...
Affected productsExternal IDs
vendor: tripwire model: ip360
vendor: wireshark model: wireshark

IP-in-IP Vulnerability Affects Devices From Cisco and Others | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202006-0258

Trust: 4.5

Fetched: Dec. 16, 2021, 3:47 p.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: information leak, process crash
Affected productsExternal IDs
vendor: digi model: saros
vendor: cisco model: nx-os
vendor: cisco model: firepower
vendor: cisco model: mds 9000
vendor: cisco model: nx-os software
vendor: cisco model: nexus 9000
vendor: cisco model: series
vendor: cisco model: 1000v
vendor: cisco model: firepower 2100
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus
vendor: cisco model: firepower 9300
vendor: cisco model: mds 9000 series
vendor: hewlett packard enterprise model: hewlett packard enterprise
vendor: hewlett packard enterprise model: switches
vendor: hewlett packard enterprise model: 9000
vendor: hewlett packard enterprise model: hewlett packard
vendor: hewlett packard enterprise model: 1000 series
vendor: hewlett packard model: hewlett packard enterprise
vendor: hewlett packard model: switches
vendor: hewlett packard model: 9000
vendor: hewlett packard model: hewlett packard
vendor: hewlett packard model: 1000 series
vendor: digi international model: saros
db: NVD ids: CVE-2020-10136

2 Million IoT Devices Vulnerable to Complete Takeover | Threatpost

Related entries in the VARIoT vulnerabilities database: VAR-202012-0977

Trust: 3.25

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2020-29583, CVE-2019-11220, CVE-2019-11219

FragAttacks: Security flaws in all Wi-Fi devices

Related entries in the VARIoT vulnerabilities database: VAR-202105-1431, VAR-202105-1477, VAR-202105-1430, VAR-202105-1432, VAR-202105-1476, VAR-202105-1428, VAR-202105-0257, VAR-202009-0518, VAR-202105-1475, VAR-202105-1493, VAR-202105-1429

Trust: 5.5

Fetched: Dec. 16, 2021, 3:47 p.m., Published: Jan. 7, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: home
db: NVD ids: CVE-2020-24588, CVE-2020-26146, CVE-2020-26142, CVE-2020-26139, CVE-2020-24587, CVE-2020-24586, CVE-2020-26144, CVE-2020-26141, CVE-2019-18991, CVE-2020-26145, CVE-2019-18989, CVE-2019-18990, CVE-2020-26147, CVE-2020-26143, CVE-2020-26140

SweynTooth Vulnerabilities | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202002-0392, VAR-202002-0294, VAR-202002-0491, VAR-202002-0394, VAR-202002-0295, VAR-202002-0393, VAR-202002-0418, VAR-202002-0487, VAR-202002-0391

Trust: 3.5

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: memory corruption, security bypass, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2019-17517, CVE-2019-17060, CVE-2019-19196, CVE-2019-19194, CVE-2019-17519, CVE-2019-17061, CVE-2019-19195, CVE-2019-17518, CVE-2019-16336, CVE-2019-19192, CVE-2019-17520, CVE-2019-19193
db: ICS CERT ALERT ids: ICS-ALERT-20-063-01

Common SNMP Vulnerability: 9-Step Guide to Protect Your Network

Related entries in the VARIoT vulnerabilities database: VAR-200202-0006, VAR-200202-0007

Trust: 4.5

Fetched: Dec. 16, 2021, 3:47 p.m., Published: -
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: general electric model: industrial solutions ups snmp/web adapter
vendor: symantec model: symantec web gateway
vendor: symantec model: web gateway
db: NVD ids: CVE-2002-0012, CVE-2002-0013