Sign-up

VARIoT news about IoT security

Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices

Trust: 5.5

Fetched: Jan. 31, 2023, 9:10 a.m., Published: Jan. 30, 2023, 9:30 a.m.
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks
vendor: asus model: asus
db: NVD ids: CVE-2021-35394

Benefits Of Making Your Website Mobile-Friendly | WebGeek

Trust: 3.75

Fetched: Jan. 29, 2023, 9:10 a.m., Published: Jan. 27, 2023, 8:21 a.m.
 Vulnerabilities: code injection, request forgery, cross-site scripting...
Affected productsExternal IDs

Apple users with certain old iPhone, iPad devices should install this security update - 1010 WCSI

Trust: 3.75

Fetched: Jan. 29, 2023, 9:09 a.m., Published: Jan. 26, 2023, 9:25 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: ipod touch
vendor: apple model: iphone
vendor: apple model: ipad air

Arm Vulnerability Allows Code Execution on Pixel 6 Devices

Trust: 6.0

Fetched: Jan. 29, 2023, 9:09 a.m., Published: Jan. 25, 2023, 3:12 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2022-38181

Realtek SDK Vulnerability exploited to hack into 190 models of IoT devices from 66 manufacturers - Cybersecurity Red Flag

Trust: 5.5

Fetched: Jan. 29, 2023, 9:08 a.m., Published: -
 Vulnerabilities: code execution, arbitrary command execution, denial of service...
Affected productsExternal IDs
vendor: realtek model: realtek sdk
db: NVD ids: CVE-2021-35394

Flagging firmware vulnerabilities.

Trust: 3.0

Fetched: Jan. 29, 2023, 9:08 a.m., Published: Jan. 1, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Cisco VPN Routers: 19,000 Devices Left Exposed to Remote Command Execution Exploit Chain | Black Hat Ethical Hacking

Trust: 4.0

Fetched: Jan. 29, 2023, 9:07 a.m., Published: Jan. 24, 2023, 8:21 a.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: cisco model: routers
vendor: cisco model: rv042g
vendor: cisco model: rv016
vendor: cisco model: small business
vendor: cisco model: cisco small business
vendor: cisco model: rv042
vendor: cisco model: rv082

Top List for Malware, Vulnerabilities, Attacks - B2B Cyber ​​Security

Related entries in the VARIoT vulnerabilities database: VAR-201606-0254, VAR-201504-0262, VAR-201812-0620, VAR-201811-0489, VAR-201404-0551, VAR-201012-0060, VAR-201511-0079

Trust: 5.25

Fetched: Jan. 29, 2023, 9:07 a.m., Published: Jan. 26, 2023, 12:07 a.m.
 Vulnerabilities: information disclosure, input validation error, command injection...
Affected productsExternal IDs
vendor: palo model: networks
vendor: check point model: check point
vendor: google model: android
vendor: palo alto networks model: networks
vendor: check point software technologies model: check point
vendor: checkpoint model: check point
db: NVD ids: CVE-2017-11512, CVE-2019-18952, CVE-2020-5410, CVE-2020-8260, CVE-2016-4523, CVE-2015-0666, CVE-2018-3949, CVE-2011-2474, CVE-2022-24086, CVE-2021-43936, CVE-2018-3948, CVE-2015-4068, CVE-2014-0780, CVE-2010-4598, CVE-2015-7254, CVE-2014-0130

Researchers warn of a critical vulnerability that puts a variety of Windows devices at risk

Trust: 3.0

Fetched: Jan. 29, 2023, 9:07 a.m., Published: Jan. 27, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-34689

10 Best Vulnerability Scanner Tools - 2023 (Updated)

Trust: 3.75

Fetched: Jan. 29, 2023, 9:06 a.m., Published: Jan. 8, 2023, 2:59 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: tripwire model: ip360

Attackers Crafted Custom Malware for Fortinet Zero-Day

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 3.5

Fetched: Jan. 29, 2023, 9:06 a.m., Published: Jan. 19, 2023, 9:30 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sonicwall model: ssl-vpn
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

Millions of Attacks to Exploit Realtek SDK Vulnerability

Trust: 5.5

Fetched: Jan. 29, 2023, 9:05 a.m., Published: Jan. 27, 2023, 12:07 p.m.
 Vulnerabilities: memory corruption, command injection, code execution
Affected productsExternal IDs
vendor: palo model: networks
vendor: realtek model: realtek sdk
vendor: asus model: asus
vendor: asus model: routers
vendor: palo alto networks model: networks
vendor: huawei model: huawei
db: NVD ids: CVE-2021-35395, CVE-2021-35394

Samsung Galaxy Vulnerabilities May Cause Unwanted Execution

Related entries in the VARIoT vulnerabilities database: VAR-202302-0598

Trust: 5.75

Fetched: Jan. 27, 2023, 9:17 a.m., Published: Jan. 24, 2023, 2:45 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
db: NVD ids: CVE-2023-21433

Massive IoT Hack: 190 Device Models from 66 Manufacturers Vulnerable to Realtek SDK Exploit! -

Trust: 6.0

Fetched: Jan. 27, 2023, 9:16 a.m., Published: Jan. 26, 2023, 10:02 a.m.
 Vulnerabilities: code execution, denial of service, command execution...
Affected productsExternal IDs
vendor: realtek model: realtek sdk
db: NVD ids: CVE-2021-35394

New Boldmove Linux malware used to backdoor Fortinet devices - SPIXNET C2S

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 3.75

Fetched: Jan. 27, 2023, 9:16 a.m., Published: Jan. 24, 2023, 2:55 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-42475

Hackers exploited critical Realtek SDK bug in millions of attacks to infect smart devices

Trust: 5.25

Fetched: Jan. 27, 2023, 9:16 a.m., Published: Jan. 26, 2023, 10:26 a.m.
 Vulnerabilities: code execution, memory corruption, command injection
Affected productsExternal IDs
vendor: realtek model: realtek sdk
vendor: palo alto networks model: networks
vendor: palo model: networks
db: NVD ids: CVE-2021-35394, CVE-2021-35395

Apple users with certain old iPhone, iPad devices should install this security update | Fox News

Trust: 3.75

Fetched: Jan. 27, 2023, 9:15 a.m., Published: May 27, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: ipod touch

Windows CryptoAPI vulnerability exploit issued | SC Media

Trust: 3.25

Fetched: Jan. 27, 2023, 9:10 a.m., Published: Jan. 26, 2023, 7:32 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Many ICS flaws remain unpatched as attacks against critical infrastructure rise - ARN

Trust: 3.5

Fetched: Jan. 27, 2023, 9:10 a.m., Published: Jan. 27, 2023, midnight
 Vulnerabilities: code execution, path traversal, buffer overflow...
Affected productsExternal IDs
vendor: trend model: security

Qualcomm UEFI Flaws Expose Microsoft, Lenovo, Samsung Devices to Attacks - SecurityWeek

Trust: 3.5

Fetched: Jan. 27, 2023, 9:09 a.m., Published: Jan. 6, 2023, 11:29 a.m.
 Vulnerabilities: code execution, information disclosure
Affected productsExternal IDs
vendor: lenovo model: system
vendor: lenovo model: updates
vendor: lenovo model: thinkpad