Sign-up

VARIoT news about IoT security

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

Trust: 5.5

Fetched: Nov. 4, 2022, 8:13 p.m., Published: Aug. 10, 2022, 10:02 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: draytek model: draytek routers
vendor: draytek model: routers
db: NVD ids: CVE-2022-1400, CVE-2022-1399, CVE-2022-1410, CVE-2022-1401

Exposure score in Defender Vulnerability Management | Microsoft Learn

Trust: 3.0

Fetched: Nov. 4, 2022, 8:11 p.m., Published: Sept. 27, 2022, 11:22 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks | SecurityWeek.Com

Trust: 4.25

Fetched: Nov. 4, 2022, 8:11 p.m., Published: Nov. 4, 2022, midnight
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: tenda model: router
vendor: d-link model: router
vendor: realtek model: realtek sdk
db: NVD ids: CVE-2022-27255

Apple fixes vulnerabilities in iOS devices and Mac computers | SC Media

Related entries in the VARIoT vulnerabilities database: VAR-202209-0759

Trust: 3.75

Fetched: Nov. 4, 2022, 8:10 p.m., Published: Sept. 16, 2022, 12:42 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
db: NVD ids: CVE-2022-32917

Learn how to mitigate the Log4Shell vulnerability in Microsoft Defender for Endpoint - Defender Vulnerability Management | Microsoft Learn

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 5.0

Fetched: Nov. 4, 2022, 8:04 p.m., Published: Sept. 27, 2022, 11:22 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Bugs Found in Contec Airplane WiFi Devices Expose Passengers to Cyberattack | Spiceworks 1

Trust: 4.0

Fetched: Nov. 4, 2022, 8:04 p.m., Published: Sept. 15, 2022, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
db: NVD ids: CVE-2022-36158, CVE-2022-36159

Apple warns of security flaw for iPhones, iPads and Macs that allows hackers to access devices - CBS News

Trust: 3.0

Fetched: Nov. 4, 2022, 8:04 p.m., Published: Nov. 1, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: ipad

Exploit out for critical Realtek flaw affecting many networking devices

Trust: 4.75

Fetched: Nov. 4, 2022, 8:03 p.m., Published: -
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: buffalo model: router
vendor: d-link model: router
vendor: snort model: snort
vendor: realtek model: realtek sdk
vendor: belkin model: router
vendor: asustek model: routers
vendor: asustek model: router
db: NVD ids: CVE-2022-27255

New Firmware Vulnerabilities Affecting Millions of Devices Allow Persistent Access | SecurityWeek.Com

Trust: 3.75

Fetched: Nov. 4, 2022, 8:02 p.m., Published: Nov. 4, 2022, midnight
 Vulnerabilities: information disclosure, code execution
Affected productsExternal IDs
vendor: lenovo model: system

You should probably update your Apple devices right now | CNN Business

Trust: 3.0

Fetched: Nov. 4, 2022, 8:02 p.m., Published: Aug. 18, 2022, 11:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: ipod touch
vendor: apple model: ipad air
vendor: apple model: ipad

Showing Vulnerability to a Machine: Automated Prioritization of Software Vulnerabilities | Mandiant

Trust: 3.5

Fetched: Nov. 4, 2022, 7:58 p.m., Published: Nov. 7, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: symantec model: antivirus
vendor: symantec model: symantec antivirus
vendor: trend model: antivirus
vendor: trend model: security

WhatsApp Fixed Critical Vulnerabilities that Could Let an Attacker Hack Devices Remotely - Automatically Discover and Remediate Using VMDR Mobile | Qualys Security Blog

Trust: 4.5

Fetched: Nov. 4, 2022, 7:58 p.m., Published: Oct. 3, 2022, 9:19 a.m.
 Vulnerabilities: integer overflow, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2022-36934, CVE-2022-27492

Export software vulnerabilities assessment per device | Microsoft Learn

Trust: 3.5

Fetched: Nov. 4, 2022, 7:53 p.m., Published: Oct. 19, 2022, 9:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2020-16011, CVE-2020-26971, CVE-2020-15992

RBR10 / RBS10 Firmware Version 2.7.4.24 | Answer | NETGEAR Support

Trust: 3.0

Fetched: Nov. 4, 2022, 5:54 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: netgear model: rbr10
vendor: netgear model: rbs10

OESIS Framework October 18, 2022 Release - OPSWAT

Related entries in the VARIoT vulnerabilities database: VAR-202012-0013, VAR-201912-0489, VAR-202012-0006, VAR-201912-0629, VAR-201912-0525, VAR-202012-0007, VAR-201912-0638, VAR-202210-0635, VAR-201912-0122

Trust: 3.5

Fetched: Nov. 4, 2022, 5:52 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: itunes
vendor: apple inc. model: safari
vendor: apple inc. model: itunes
db: NVD ids: CVE-2019-6774, CVE-2022-33746, CVE-2022-33748, CVE-2020-10002, CVE-2019-6773, CVE-2020-6495, CVE-2019-8550, CVE-2019-13701, CVE-2022-28762, CVE-2019-13717, CVE-2019-13702, CVE-2019-13719, CVE-2019-6767, CVE-2019-13715, CVE-2019-13714, CVE-2019-13718, CVE-2018-18447, CVE-2019-13706, CVE-2019-13699, CVE-2019-13700, CVE-2019-6765, CVE-2019-13710, CVE-2020-17380, CVE-2020-10010, CVE-2019-8625, CVE-2019-6775, CVE-2019-13703, CVE-2020-6493, CVE-2019-6771, CVE-2018-18446, CVE-2019-8719, CVE-2020-10011, CVE-2022-39288, CVE-2022-3140, CVE-2019-13716, CVE-2019-9850, CVE-2019-8674, CVE-2019-13708, CVE-2019-6769, CVE-2020-2778, CVE-2019-6764, CVE-2019-6770, CVE-2019-6768, CVE-2022-41032, CVE-2019-13709, CVE-2019-13723, CVE-2019-9851, CVE-2019-8813, CVE-2019-6766, CVE-2019-9855, CVE-2019-13704, CVE-2019-6772

CVE-2022-40202 Deltaww Infrasuite Device Master - SecAlerts - Security vulnerabilities in your inbox

Trust: 5.0

Fetched: Nov. 4, 2022, 5:52 p.m., Published: Nov. 9, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-40202

CVE-2022-41629 Deltaww Infrasuite Device Master - SecAlerts - Security vulnerabilities in your inbox

Trust: 3.0

Fetched: Nov. 4, 2022, 5:51 p.m., Published: Nov. 9, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-41629

CN112528295A - Vulnerability repairing method and device of industrial control system - Google Patents

Trust: 4.25

Fetched: Nov. 4, 2022, 5:49 p.m., Published: Dec. 22, 2020, midnight
 Vulnerabilities: buffer overflow, directory traversal, denial of service...
Affected productsExternal IDs
vendor: trend model: security

What You Should Know about the New OpenSSL Vulnerability - Security Boulevard

Trust: 3.0

Fetched: Nov. 4, 2022, 5:47 p.m., Published: Oct. 31, 2022, 7:38 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

iPhone and iPad devices face serious security vulnerabilities after the new iOS 16 and iPadOS 16 updates - Market for Phones

Trust: 3.75

Fetched: Nov. 4, 2022, 5:46 p.m., Published: Oct. 30, 2022, 5:37 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: ipad air