VARIoT latest news about IoT security

The Best Parental Control Apps and Devices, From Circle to eero \| Fatherly Trust: 3.5 Fetched: Dec. 7, 2021, 8:04 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	serve	model:	serve
vendor:	mesh	model:	mesh
vendor:	google	model:	wifi
vendor:	google	model:	home

This Microsoft Windows RCE Vulnerability Gives an Attacker Complete Control - Synack Trust: 3.5 Fetched: Dec. 7, 2021, 8:04 a.m., Published: Nov. 24, 2021, 9:06 p.m.	Vulnerabilities: integer overflow, code execution, memory access violation...

Affected products

External IDs

db:

NVD

ids:

CVE-2021-34535

New TCP/IP Stacks Vulnerabilities Impact Millions of Devices \| New Jersey Cybersecurity & Communications Integration Cell Related entries in the VARIoT vulnerabilities database: VAR-202111-1607, VAR-202111-1616, VAR-202111-1605, VAR-202111-1604 Trust: 5.75 Fetched: Dec. 7, 2021, 8:04 a.m., Published: -	Vulnerabilities: information leak, code execution

Affected products

External IDs

vendor:

siemens

model:

nucleus

db:

NVD

ids:

CVE-2021-31884, CVE-2021-31888, CVE-2021-31886, CVE-2021-31887

Lab Minutes Trust: 3.25 Fetched: Dec. 7, 2021, 8:04 a.m., Published: Jan. 9, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

palo

model:

firewall

Securezoo Home - Securezoo Related entries in the VARIoT vulnerabilities database: VAR-202201-1613 Trust: 3.75 Fetched: Dec. 7, 2021, 8:04 a.m., Published: Jan. 1, 2022, 11:54 p.m.	Vulnerabilities: cross-site request forgery, request forgery

Affected products

External IDs

db:

NVD

ids:

CVE-2022-22588, CVE-2022-21825

Most ransomware attacks rely on exploiting older, unpatched vulnerabilities Trust: 3.0 Fetched: Dec. 7, 2021, 8:04 a.m., Published: March 14, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2009-3960, CVE-2010-2861

0patch Blog Trust: 3.5 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 12, 2022, midnight	Vulnerabilities: injection attack, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-43905

New vulnerabilities identified in Intel processors, they allow unauthorized escalation of privileges in vulnerable systems - Aroged - Aroged Related entries in the VARIoT vulnerabilities database: VAR-202111-1193, VAR-202111-1151 Trust: 6.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 16, 2021, 3:13 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	tesla	model:	model 3
vendor:	tesla	model:	model

db:

NVD

ids:

CVE-2021-0146, CVE-2021-0158, CVE-2021-0157

Netgear router vulnerabilities could put small businesses at risk Trust: 4.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 2, 2021, 10:05 p.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:	netgear	model:	netgear router
vendor:	netgear	model:	router

Security vulnerabilities put Android phones at risk - Newsy Today Trust: 3.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 28, 2021, 6:12 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

Device management complexities could create cybersecurity gaps and leave NHS Trusts vulnerable Trust: 3.5 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 18, 2021, 9:32 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

palo

model:

networks

AT&T Networking Devices' Old Flaw Now Exploited by New Malware to Conduct DoS Attacks! Thousands of US Customers Affected \| Tech Times Related entries in the VARIoT vulnerabilities database: VAR-201705-3536 Trust: 4.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 1, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

edgewater

model:

edgemarc

db:

NVD

ids:

CVE-2017-6079

Routersploit Tutorial - KaliTut Trust: 3.25 Fetched: Dec. 6, 2021, 2:33 p.m., Published: May 24, 2021, midnight	Vulnerabilities: directory traversal, path traversal, password disclosure...

Affected products

External IDs

vendor:	asus	model:	rt-n66u
vendor:	asus	model:	asus
vendor:	asus	model:	router
vendor:	dlink	model:	router
vendor:	jquery	model:	jquery
vendor:	d-link	model:	router
vendor:	belkin	model:	router
vendor:	dnrd	model:	dnrd
vendor:	iproute2	model:	iproute2

Finding and reporting a device vulnerability - SPLICE Trust: 3.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: June 2, 2021, 7:10 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

wireshark

model:

wireshark

USN-5165-1: Linux kernel (OEM) vulnerabilities \| Ubuntu security notices \| Ubuntu Trust: 4.75 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 30, 2021, midnight	Vulnerabilities: system crash, denial of service

Affected products

External IDs

db:	NVD	ids:	CVE-2021-43056, CVE-2021-3772, CVE-2021-43389, CVE-2021-3760, CVE-2021-43267, CVE-2021-42327, CVE-2021-42739
db:	UBUNTU	ids:	USN-5165-1, USN-5139-1

USB ISP Mode Vulnerability - NXP Community Trust: 3.0 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 1, 2021, 8 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-40154

CVE - CVE-2021-34739 Trust: 3.75 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	small business series
vendor:	cisco	model:	series
vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	series switches
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	small business series switches
vendor:	cisco	model:	small business
vendor:	cisco systems	model:	small business series
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	cisco small business
vendor:	cisco systems	model:	series switches
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	small business series switches
vendor:	cisco systems	model:	small business

db:

NVD

ids:

CVE-2021-34739

NVD - CVE-2021-34724 Trust: 4.75 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Oct. 13, 2021, midnight	Vulnerabilities: improper access control

Affected products

External IDs

vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	sd-wan
vendor:	cisco	model:	asr_1000
vendor:	cisco	model:	ios xe sd-wan software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	cisco ios
vendor:	cisco systems	model:	ios xe
vendor:	cisco systems	model:	sd-wan
vendor:	cisco systems	model:	asr_1000
vendor:	cisco systems	model:	ios xe sd-wan software
vendor:	cisco systems	model:	cisco ios xe

db:

NVD

ids:

CVE-2021-34724

Cisco : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202110-1286, VAR-202110-1351, VAR-202110-1353, VAR-202110-0209, VAR-202110-0619, VAR-202110-1297, VAR-202110-1376, VAR-202111-0418, VAR-202111-1197, VAR-202110-0203, VAR-202111-0401, VAR-202110-1377, VAR-202110-0211, VAR-202110-1350, VAR-202110-0212, VAR-202111-0417, VAR-202111-0412, VAR-202109-0624, VAR-202109-0623, VAR-202110-1305, VAR-202110-0618, VAR-202110-1375, VAR-202111-0413, VAR-202110-1367, VAR-202110-0617, VAR-202109-0631, VAR-202111-1198, VAR-202111-0400, VAR-202108-0824, VAR-202110-1394, VAR-202110-1393, VAR-202108-0823, VAR-202110-1392, VAR-202111-0419, VAR-202110-1402, VAR-202110-1395, VAR-202110-0623, VAR-202110-1298, VAR-202109-0622, VAR-202109-0617, VAR-202110-0622, VAR-202110-1065, VAR-202111-1196, VAR-202110-1366, VAR-202109-0618, VAR-202110-0213, VAR-202110-1354, VAR-202111-0393, VAR-202111-0664, VAR-202110-1352 Trust: 5.25 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 2, 2021, midnight	Vulnerabilities: directory traversal, traversal attack, improper validation...

Affected products

External IDs

vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	cisco webex
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	webex
vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	nexus
vendor:	cisco	model:	small business
vendor:	cisco	model:	common services platform collector
vendor:	cisco	model:	small business rv
vendor:	cisco	model:	series routers
vendor:	cisco	model:	cisco anyconnect secure mobility client
vendor:	cisco	model:	anyconnect secure mobility client
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	cisco webex meetings
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	roomos
vendor:	cisco	model:	evolved programmable network manager
vendor:	cisco	model:	webex meetings
vendor:	cisco	model:	dna center
vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	policy suite
vendor:	cisco	model:	cisco telepresence
vendor:	cisco	model:	cisco telepresence management suite
vendor:	cisco	model:	series
vendor:	cisco	model:	meeting
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	cisco unified communications manager
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco evolved programmable network manager
vendor:	cisco	model:	cisco meeting
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	cisco meeting server
vendor:	cisco	model:	meeting server
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	umbrella
vendor:	cisco	model:	cisco prime infrastructure
vendor:	cisco	model:	cisco web security appliance
vendor:	cisco	model:	web security appliance
vendor:	cisco	model:	prime infrastructure
vendor:	cisco	model:	routers
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	firepower
vendor:	cisco	model:	small business rv series routers
vendor:	cisco	model:	cisco policy suite
vendor:	cisco	model:	cisco roomos
vendor:	cisco	model:	telepresence management suite
vendor:	cisco	model:	webex video mesh
vendor:	cisco	model:	telepresence collaboration endpoint
vendor:	cisco	model:	unified communications
vendor:	mesh	model:	mesh
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2021-34754, CVE-2021-40117, CVE-2021-40114, CVE-2021-34748, CVE-2021-40121, CVE-2021-34756, CVE-2021-34793, CVE-2021-34774, CVE-2021-40130, CVE-2021-34782, CVE-2021-40115, CVE-2021-34792, CVE-2021-34758, CVE-2021-40118, CVE-2021-34766, CVE-2021-34784, CVE-2021-40124, CVE-2021-34765, CVE-2021-34759, CVE-2021-34761, CVE-2021-40122, CVE-2021-34794, CVE-2021-40120, CVE-2021-34763, CVE-2021-40123, CVE-2021-34771, CVE-2021-40129, CVE-2021-40128, CVE-2021-34749, CVE-2021-34783, CVE-2021-34790, CVE-2021-34745, CVE-2021-34791, CVE-2021-34773, CVE-2021-40125, CVE-2021-34781, CVE-2021-34760, CVE-2021-34755, CVE-2021-34746, CVE-2021-34785, CVE-2021-34789, CVE-2021-34762, CVE-2021-40131, CVE-2021-34764, CVE-2009-1234, CVE-2021-34786, CVE-2021-34772, CVE-2021-34787, CVE-2021-40126, CVE-2021-40119, CVE-2021-40116

New Axis OS Security Research Aided by Transparent Design Trust: 4.75 Fetched: Dec. 6, 2021, 2:33 p.m., Published: Oct. 5, 2021, 3 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	axis	model:	communications
vendor:	axis	model:	axis
vendor:	axis	model:	ip cameras
vendor:	axis communications	model:	communications
vendor:	axis communications	model:	axis
vendor:	axis communications	model:	ip cameras

VARIoT news about IoT security