Sign-up

VARIoT news about IoT security

Integration of vulnerabilities into Graph Api - Microsoft Community Hub

Trust: 3.5

Fetched: Dec. 9, 2022, 9:19 a.m., Published: Dec. 6, 2022, 10:50 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hub model: hub

Google Releases Zero-Day Vulnerability Update

Trust: 4.75

Fetched: Dec. 9, 2022, 9:18 a.m., Published: Dec. 7, 2022, 3:46 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2022-4262

Vulnerabilities in Popular Keyboard and Mouse Android Apps Expose User Data | IT Security News

Trust: 5.0

Fetched: Dec. 9, 2022, 9:18 a.m., Published: Dec. 1, 2022, 10:36 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point

Vulnerability Spotlight: NVIDIA driver memory corruption vulnerabilities discovered

Trust: 5.75

Fetched: Dec. 9, 2022, 9:16 a.m., Published: Dec. 6, 2022, 4:09 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: snort.org model: snort
vendor: cisco model: firepower
vendor: cisco model: firepower management center
vendor: snort model: snort
db: NVD ids: CVE-2022-34671

New Vulnerabilities Wednesday 07 December - CND News and Blog

Trust: 4.0

Fetched: Dec. 9, 2022, 9:16 a.m., Published: Dec. 7, 2022, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs

Major vulnerabilities used in ransomware attacks

Related entries in the VARIoT vulnerabilities database: VAR-202107-1010

Trust: 4.5

Fetched: Dec. 9, 2022, 9:15 a.m., Published: Dec. 8, 2022, 4:42 p.m.
 Vulnerabilities: authorization vulnerability, sql injection, feature bypass...
Affected productsExternal IDs
vendor: trend model: security
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: sma 100
db: NVD ids: CVE-2021-26855, CVE-2021-34481, CVE-2021-26858, CVE-2021-34527, CVE-2021-28799, CVE-2021-27065

Fortinet Patches High-Severity Authentication Bypass Vulnerability in FortiOS | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202212-0808, VAR-202212-0781, VAR-202212-0704

Trust: 4.0

Fetched: Dec. 9, 2022, 9:14 a.m., Published: Dec. 9, 2022, midnight
 Vulnerabilities: information disclosure, sql injection, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2022-35843, CVE-2022-33876, CVE-2022-33875

Critical WhatsApp vulnerabilities patched: Check you've updated!

Trust: 4.5

Fetched: Dec. 9, 2022, 9:13 a.m., Published: Dec. 7, 2022, 6:01 p.m.
 Vulnerabilities: buffer overflow, integer overflow, memory corruption...
Affected productsExternal IDs
db: NVD ids: CVE-2022-36934, CVE-2022-27492

Cisco discloses high-severity IP phone bug with exploit code

Related entries in the VARIoT vulnerabilities database: VAR-202212-0864

Trust: 4.5

Fetched: Dec. 9, 2022, 9:12 a.m., Published: -
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: cisco model: ip phones
vendor: cisco model: link layer discovery protocol
vendor: cisco model: ip phone
vendor: cisco model: ip phone 7800
vendor: cisco model: series
vendor: cisco model: voice vlan
db: NVD ids: CVE-2022-20968

Zerobot Weaponizes Numerous Flaws in Slew of IoT Devices

Trust: 3.0

Fetched: Dec. 9, 2022, 9:11 a.m., Published: Dec. 7, 2022, 10:35 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei

Why medical equipment vulnerability remediation is not one-size-fits-all - TRIMEDX

Trust: 3.0

Fetched: Dec. 9, 2022, 9:11 a.m., Published: Oct. 19, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth

Trust: 5.5

Fetched: Dec. 9, 2022, 9:10 a.m., Published: Dec. 7, 2022, 7:08 p.m.
 Vulnerabilities: information disclosure, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: mobile devices
vendor: samsung model: android phone
vendor: samsung model: mobile
db: NVD ids: CVE-2022-20498, CVE-2022-20411, CVE-2022-20472, CVE-2022-20473

Forescout’s Vedere Labs Discloses Three New Vulnerabilities Affecting OT Products | UAE News 24/7

Related entries in the VARIoT vulnerabilities database: VAR-201501-0401

Trust: 4.5

Fetched: Dec. 7, 2022, 9:22 a.m., Published: Dec. 6, 2022, 1:25 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: codesys model: control
vendor: codesys model: codesys
vendor: codesys model: runtime
db: NVD ids: CVE-2022-31806, CVE-2022-3079, CVE-2014-9195, CVE-2022-3270, CVE-2022-22515, CVE-2022-31896, CVE-2022-4048

Google says Google should do a better job of patching Android phones | Ars Technica

Trust: 4.5

Fetched: Dec. 7, 2022, 9:22 a.m., Published: Nov. 28, 2022, 6:23 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: samsung model: exynos
vendor: samsung model: galaxy
db: NVD ids: CVE-2022-36449

Smart inverters’ vulnerability to cyberattack | EurekAlert!

Trust: 3.0

Fetched: Dec. 7, 2022, 9:21 a.m., Published: Nov. 29, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

What Project Memoria Foretold about TCP/IP Security and Supply Chain Vulnerabilities - Security Boulevard

Trust: 3.75

Fetched: Dec. 7, 2022, 9:21 a.m., Published: Dec. 6, 2022, noon
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2020-7461, CVE-2020-11899

URGENT/11 vulnerabilities in VxWorks OS impact over 2 billion IoT devices - Latest Digital Transformation Trends | Cloud News | Wire19

Related entries in the VARIoT vulnerabilities database: VAR-201908-0712, VAR-201908-0702, VAR-201908-0714, VAR-201908-0713, VAR-201908-0701, VAR-201908-0715, VAR-201908-0706, VAR-201908-0705, VAR-201908-0699, VAR-201908-0703, VAR-201908-0704

Trust: 4.0

Fetched: Dec. 7, 2022, 9:19 a.m., Published: July 30, 2019, midnight
 Vulnerabilities: information leak
Affected productsExternal IDs
db: NVD ids: CVE-2019-12255, CVE-2019-12261, CVE-2019-12257, CVE-2019-12256, CVE-2019-12260, CVE-2019-12258, CVE-2019-12265, CVE-2019-12264, CVE-2019-12259, CVE-2019-12262, CVE-2019-12263

Vulnerability Summary for the Week of November 21, 2022 | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202211-1389, VAR-202211-1344, VAR-202211-1392, VAR-202211-1418, VAR-202211-1287, VAR-202211-1487, VAR-202211-1361, VAR-202211-1815, VAR-202211-1497, VAR-202211-1527, VAR-202211-1688, VAR-202210-1070, VAR-202211-1796, VAR-202211-1567, VAR-202211-1634, VAR-202211-1393, VAR-202211-1362, VAR-202211-1417, VAR-202211-1323, VAR-202210-0997, VAR-202211-1363, VAR-202211-1593, VAR-202211-1777, VAR-202209-0222

Trust: 5.25

Fetched: Dec. 7, 2022, 9:16 a.m., Published: Nov. 21, 2022, midnight
 Vulnerabilities: access control issue, improper access control, file upload vulnerability...
Affected productsExternal IDs
vendor: bouncy castle model: bouncy castle
vendor: bouncy castle model: fips java api
vendor: schneider_electric model: modicon quantum
vendor: schneider_electric model: m580
vendor: schneider_electric model: modicon m580
vendor: schneider_electric model: modicon m340
vendor: schneider_electric model: bmxnoe0100
vendor: schneider_electric model: bmxnoe0110
vendor: schneider_electric model: modbus
vendor: schneider_electric model: bmxnor0200h
vendor: schneider_electric model: premium
vendor: schneider_electric model: monitor pro
vendor: schneider_electric model: m340 cpus
vendor: schneider_electric model: monitor
vendor: schneider_electric model: m340
vendor: mitsubishi electric corporation model: gt27 model
vendor: mitsubishi electric corporation model: gt23 model
vendor: mitsubishi electric corporation model: gt25 model
vendor: tenda model: ac18
vendor: google model: wifi
vendor: google model: chrome
vendor: google model: android
vendor: google model: google chrome
vendor: epson model: print
vendor: epson model: connect
vendor: epson model: webconfig
vendor: mitsubishi model: gt27 model
vendor: mitsubishi model: gt23 model
vendor: mitsubishi model: gt25 model
vendor: mitsubishi_electric model: gt27 model
vendor: mitsubishi_electric model: gt23 model
vendor: mitsubishi_electric model: gt25 model
vendor: mitsubishi electric model: gt27 model
vendor: mitsubishi electric model: gt23 model
vendor: mitsubishi electric model: gt25 model
vendor: hitachi model: web server
vendor: zoho model: manageengine servicedesk plus
db: NVD ids: CVE-2022-41157, CVE-2022-4136, CVE-2022-29829, CVE-2022-45872, CVE-2022-41712, CVE-2022-41924, CVE-2022-41925, CVE-2022-33012, CVE-2022-37931, CVE-2022-38166, CVE-2022-43213, CVE-2022-38114, CVE-2022-29830, CVE-2022-43212, CVE-2022-3500, CVE-2022-45476, CVE-2022-35407, CVE-2022-41937, CVE-2022-44859, CVE-2022-0222, CVE-2022-37301, CVE-2022-45207, CVE-2022-41705, CVE-2022-3388, CVE-2022-41958, CVE-2022-30257, CVE-2022-23044, CVE-2022-45886, CVE-2022-30258, CVE-2022-44183, CVE-2022-38767, CVE-2022-35500, CVE-2022-41935, CVE-2022-29828, CVE-2022-38813, CVE-2022-45909, CVE-2022-45908, CVE-2022-39331, CVE-2022-44178, CVE-2022-40771, CVE-2022-45037, CVE-2022-43984, CVE-2022-4087, CVE-2022-41131, CVE-2022-44858, CVE-2022-4135, CVE-2022-36179, CVE-2022-41954, CVE-2022-41928, CVE-2022-45888, CVE-2022-38145, CVE-2022-41929, CVE-2022-36337, CVE-2022-36227, CVE-2022-39332, CVE-2022-44175, CVE-2022-44176, CVE-2022-44748, CVE-2022-45866, CVE-2022-44278, CVE-2022-4088, CVE-2022-38147, CVE-2022-44843, CVE-2022-37720, CVE-2022-35501, CVE-2022-40772, CVE-2022-45907, CVE-2022-36180, CVE-2022-39067, CVE-2022-29825, CVE-2022-41946, CVE-2022-39066, CVE-2022-2721, CVE-2022-41931, CVE-2022-2650, CVE-2022-45039, CVE-2022-45036, CVE-2022-39397, CVE-2022-29833, CVE-2009-1143, CVE-2022-41936, CVE-2022-44860, CVE-2022-41933, CVE-2022-43196, CVE-2022-4068, CVE-2022-44280, CVE-2022-41706, CVE-2022-44117, CVE-2022-40954, CVE-2022-45152, CVE-2022-44844, CVE-2022-42095, CVE-2022-39334, CVE-2022-44120, CVE-2022-41934, CVE-2022-40304, CVE-2022-26885, CVE-2022-4089, CVE-2022-29832, CVE-2022-36133, CVE-2022-41156, CVE-2022-2513, CVE-2022-41932, CVE-2022-39070, CVE-2022-41158, CVE-2022-44140, CVE-2022-45205, CVE-2022-40266, CVE-2022-44171, CVE-2022-44789, CVE-2022-37429, CVE-2022-4091, CVE-2022-3861, CVE-2022-41875, CVE-2022-45363, CVE-2022-43983, CVE-2022-45163, CVE-2022-40189, CVE-2022-39338, CVE-2022-37421, CVE-2022-41923, CVE-2022-37430, CVE-2022-4090, CVE-2022-38724, CVE-2022-44411, CVE-2022-45040, CVE-2022-44118, CVE-2022-30529, CVE-2022-24999, CVE-2021-35246, CVE-2022-23740, CVE-2022-44177, CVE-2021-29334, CVE-2022-45276, CVE-2022-41446, CVE-2022-44172, CVE-2022-39339, CVE-2022-44174, CVE-2022-45280, CVE-2022-45873, CVE-2022-35897, CVE-2009-1142, CVE-2022-45038, CVE-2022-45210, CVE-2022-39325, CVE-2022-40303, CVE-2022-45884, CVE-2022-29827, CVE-2022-0698, CVE-2022-41926, CVE-2021-43258, CVE-2022-44180, CVE-2022-39333, CVE-2022-44737, CVE-2022-4141, CVE-2022-38113, CVE-2022-45278, CVE-2022-45887, CVE-2022-44749, CVE-2022-41922, CVE-2022-41927, CVE-2022-45885, CVE-2021-35284, CVE-2022-41945, CVE-2022-40282, CVE-2022-38377, CVE-2022-38649, CVE-2022-25164, CVE-2022-38115, CVE-2022-29831, CVE-2022-45475, CVE-2022-45206, CVE-2022-29826, CVE-2022-45868, CVE-2022-39346, CVE-2022-45218, CVE-2022-37721, CVE-2022-43751, CVE-2022-45225, CVE-2022-39833, CVE-2022-45208, CVE-2022-45146, CVE-2022-40770, CVE-2022-41930

Eufy Security Vulnerabilities: How Many Households Might Be Affected? - CUJO AI

Trust: 3.0

Fetched: Dec. 7, 2022, 9:16 a.m., Published: Dec. 2, 2022, 12:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs

Address medical device vulnerabilities to protect healthcare system cybersecurity

Trust: 3.0

Fetched: Dec. 7, 2022, 9:15 a.m., Published: Dec. 6, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs