VARIoT latest news about IoT security

Cisco : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202110-1352, VAR-202110-0618, VAR-202109-0622, VAR-202111-0393, VAR-202108-0824, VAR-202111-0418, VAR-202110-1366, VAR-202110-1367, VAR-202109-0623, VAR-202110-0211, VAR-202110-1350, VAR-202110-1393, VAR-202111-0412, VAR-202110-0213, VAR-202110-1297, VAR-202110-1305, VAR-202110-1376, VAR-202110-0622, VAR-202111-0419, VAR-202111-1196, VAR-202111-0401, VAR-202111-0417, VAR-202110-1065, VAR-202110-1392, VAR-202110-1354, VAR-202111-0664, VAR-202110-1351, VAR-202110-0203, VAR-202110-1395, VAR-202110-1402, VAR-202110-1286, VAR-202109-0618, VAR-202108-0823, VAR-202111-1197, VAR-202110-1377, VAR-202109-0624, VAR-202110-0617, VAR-202110-0209, VAR-202110-1353, VAR-202110-0212, VAR-202110-1375, VAR-202110-0623, VAR-202111-0413, VAR-202111-1198, VAR-202110-1394, VAR-202109-0631, VAR-202110-0619, VAR-202109-0617, VAR-202111-0400, VAR-202110-1298 Trust: 5.25 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 2, 2021, midnight	Vulnerabilities: cross-site request forgery, resource exhaustion, request forgery...

Affected products

External IDs

vendor:	cisco	model:	unified communications
vendor:	cisco	model:	cisco policy suite
vendor:	cisco	model:	anyconnect secure mobility client
vendor:	cisco	model:	cisco unified communications manager
vendor:	cisco	model:	webex
vendor:	cisco	model:	webex meetings
vendor:	cisco	model:	cisco webex
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	policy suite
vendor:	cisco	model:	cisco telepresence
vendor:	cisco	model:	dna center
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	cisco web security appliance
vendor:	cisco	model:	telepresence management suite
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	roomos
vendor:	cisco	model:	cisco meeting
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	common services platform collector
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	prime infrastructure
vendor:	cisco	model:	small business rv series routers
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	firepower
vendor:	cisco	model:	series routers
vendor:	cisco	model:	routers
vendor:	cisco	model:	nexus
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	meeting server
vendor:	cisco	model:	telepresence collaboration endpoint
vendor:	cisco	model:	cisco prime infrastructure
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	cisco telepresence management suite
vendor:	cisco	model:	series
vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	cisco evolved programmable network manager
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	cisco roomos
vendor:	cisco	model:	cisco webex meetings
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	umbrella
vendor:	cisco	model:	meeting
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	webex video mesh
vendor:	cisco	model:	web security appliance
vendor:	cisco	model:	cisco anyconnect secure mobility client
vendor:	cisco	model:	cisco meeting server
vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	evolved programmable network manager
vendor:	cisco	model:	small business
vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	small business rv
vendor:	mesh	model:	mesh
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2021-40116, CVE-2021-40122, CVE-2021-34746, CVE-2021-40126, CVE-2021-34749, CVE-2021-34774, CVE-2021-34764, CVE-2021-34763, CVE-2021-34759, CVE-2021-34758, CVE-2021-40118, CVE-2021-34790, CVE-2021-40124, CVE-2021-34772, CVE-2021-34756, CVE-2021-34761, CVE-2021-34793, CVE-2021-34789, CVE-2021-34773, CVE-2021-40131, CVE-2021-40115, CVE-2021-34784, CVE-2021-34762, CVE-2021-34791, CVE-2021-34787, CVE-2021-40119, CVE-2021-40117, CVE-2021-34782, CVE-2021-34781, CVE-2021-40125, CVE-2021-34754, CVE-2021-34786, CVE-2021-34745, CVE-2021-40130, CVE-2021-34792, CVE-2021-34765, CVE-2009-1234, CVE-2021-40123, CVE-2021-34748, CVE-2021-40114, CVE-2021-34766, CVE-2021-34794, CVE-2021-34760, CVE-2021-40120, CVE-2021-40129, CVE-2021-34783, CVE-2021-34771, CVE-2021-40121, CVE-2021-34785, CVE-2021-40128, CVE-2021-34755

Hackers Exploit Microsoft Exchange Vulnerabilities To Drop Babuk Ransomware Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 6, 2021, 8:23 a.m.	Vulnerabilities: command execution, code execution, request forgery...

Affected products	External IDs

Bug in MediaTek chips could lead to hackers eavesdropping on Android users Trust: 4.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 25, 2021, 6:49 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	vivo	model:	vivo
vendor:	google	model:	home
vendor:	google	model:	android
vendor:	check point	model:	check point

db:

NVD

ids:

CVE-2021-0662, CVE-2021-0661, CVE-2021-0663

INTEL-SA-00554 Related entries in the VARIoT vulnerabilities database: VAR-202111-1629 Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 9, 2021, 5:43 p.m.	Vulnerabilities: improper access control, denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2021-0200, CVE-2021-0199, CVE-2021-0197, CVE-2021-0198

Synopsys Research Finds Vulnerabilities in 97% of Applications, 36% Impacted by Critical- or High-Risk Vulnerabilities - EEJournal Trust: 4.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 16, 2021, 5:35 p.m.	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:

google

model:

android

A Vulnerability in Microsoft Edge Could Allow for Arbitrary Code Execution Trust: 3.25 Fetched: Nov. 29, 2021, 2:59 p.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-43221

OnePlus Nord 2 is exposed to a dangerous vulnerability - Real Mi Central Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 27, 2021, 7:56 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

oneplus

model:

oneplus

CVE-2021-38685 : A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability all Trust: 5.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 9, 2021, midnight	Vulnerabilities: command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2021-38685, CVE-2009-1234

OnePlus Nord 2 has a vulnerability that grants root shell access within minutes on a locked bootloader, without a data wipe Trust: 3.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, 1:05 p.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	samsung	model:	note
vendor:	samsung	model:	samsung
vendor:	oneplus	model:	oneplus
vendor:	oneplus	model:	oxygenos
vendor:	oneplus	model:	one

A Vulnerability in Fortinet FortiWeb Could Allow for Arbitrary Code Execution. Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 7, 2022, 7:33 p.m.	Vulnerabilities: code execution

Affected products	External IDs

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerability - Cisco Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Oct. 27, 2021, 2:29 p.m.	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:	cisco	model:	anyconnect ssl vpn
vendor:	cisco	model:	cisco adaptive security appliance software
vendor:	cisco	model:	firepower
vendor:	cisco	model:	device manager
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	clientless ssl vpn
vendor:	cisco	model:	adaptive security appliance software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	asa software
vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	cisco firepower management center

Vulnerabilities in MediaTek chipset could have led to spying on Android users Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 25, 2021, 6 a.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	xiaomi	model:	redmi
vendor:	xiaomi	model:	miui
vendor:	vivo	model:	vivo
vendor:	oneplus	model:	oneplus
vendor:	google	model:	android
vendor:	check point	model:	check point

db:

NVD

ids:

CVE-2021-0662, CVE-2021-0661, CVE-2021-0663, CVE-2021-0673

New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Sept. 2, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28139

Vulnerabilities in TCP/IP stack may affect millions of devices, warn researchers \| IT World Canada News Trust: 3.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: April 15, 2021, 3:56 p.m.	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:	treck	model:	tcp/ip stack
vendor:	siemens	model:	nucleus net
vendor:	siemens	model:	nucleus rtos
vendor:	siemens	model:	vstar
vendor:	siemens	model:	nucleus 4
vendor:	siemens	model:	nucleus readystart
vendor:	siemens	model:	nucleus source code
vendor:	siemens	model:	nucleus

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices - My Blog Trust: 4.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 6, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	tp-link	model:	ac1750
vendor:	tp-link	model:	routers

Netgear Patches Code Execution Vulnerability Affecting Many Products \| All the news of the world, England, Europe, US on the news portal Related entries in the VARIoT vulnerabilities database: VAR-202111-0632 Trust: 5.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 13, 2022, midnight	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	netgear	model:	netgear router
vendor:	netgear	model:	netgear router firmware
vendor:	netgear	model:	router

db:

NVD

ids:

CVE-2021-34991

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices_HackDig Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 6, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	tp-link	model:	ac1750
vendor:	tp-link	model:	routers

Vulnerability in Cisco security devices could cause firewalls to fail \| Communications Today Related entries in the VARIoT vulnerabilities database: VAR-202005-0696, VAR-202005-0685, VAR-202007-1057, VAR-202110-1796 Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, 8:05 a.m.	Vulnerabilities: buffer overflow, denial of service

Affected products

External IDs

vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	device manager
vendor:	cisco	model:	firepower

db:

NVD

ids:

CVE-2020-3259, CVE-2020-3187, CVE-2020-3452, CVE-2021-34704

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices \| IT Security News Related entries in the VARIoT vulnerabilities database: VAR-201906-1344 Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, 3:13 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	tp-link	model:	routers
vendor:	asus	model:	router
vendor:	asus	model:	asus

db:

NVD

ids:

CVE-2019-7406

Cisco vulnerability could cause your firewalls to fail \| TechRadar Related entries in the VARIoT vulnerabilities database: VAR-202110-1796 Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 23, 2021, 3:20 a.m.	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-34704

VARIoT news about IoT security