VARIoT latest news about IoT security

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 14, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202109-1909, VAR-202008-0248 Trust: 5.5 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, 10 a.m.	Vulnerabilities: directory traversal, use after free, privilege escalation...

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	gateway
vendor:	citrix	model:	sd-wan wanop

db:

NVD

ids:

CVE-2021-28483, CVE-2019-1222, CVE-2021-28480, CVE-2021-26855, CVE-2020-12388, CVE-2021-28481, CVE-2020-3765, CVE-2021-28482, CVE-2020-27955, CVE-2021-44228, CVE-2018-4878, CVE-2021-17095, CVE-2019-19781, CVE-2021-40444, CVE-2019-1181, CVE-2020-16898, CVE-2019-1182, CVE-2021-42321, CVE-2021-30563, CVE-2019-0604, CVE-2019-1226, CVE-2020-1472, CVE-2019-0708, CVE-2020-0609, CVE-2020-17051, CVE-2020-0796, CVE-2020-6457, CVE-2020-0665

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Nov. 9, 2021, 10:06 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Log4j vulnerability explained in 10 points: What is it, should you be worried? Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 4.75 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 14, 2021, 12:55 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	apple	model:	iphone
vendor:	apple	model:	icloud
vendor:	oneplus	model:	oneplus
vendor:	oneplus	model:	one

db:

NVD

ids:

CVE-2021-44228

FreakOut Botnet Is Now Going After Vulnerable Video DVR Devices Trust: 5.5 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Oct. 13, 2021, 12:41 p.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:	genexis	model:	platinum
vendor:	genexis	model:	platinum 4410

db:

NVD

ids:

CVE-2021-2900, CVE-2019-12725, CVE-2020-15568, CVE-2020-25494, CVE-2020-28188

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 17, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Vulnerabilities in Internet of Things (IoT) Devices \| SecureCoding Trust: 4.5 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 22, 2021, 1:56 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

serve

model:

serve

7 Cloud Vulnerabilities Endangering Your Data! - Kratikal Trust: 4.5 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, 8:40 a.m.	Vulnerabilities: os command injection, command injection

Affected products

External IDs

vendor:

serve

model:

serve

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Nov. 9, 2021, 10:06 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 17, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Nov. 9, 2021, 10:06 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Researchers Uncover Software Flaws Leaving Medical Devices Vulnerable to Hackers - 24x7 Magazine - a MEDQOR brand Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Nov. 9, 2021, 9:37 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

Over 300,000 MikroTik Devices Found Vulnerable to Remote Hacking Bugs - The Hacker News - JN-66 Data Analytics Related entries in the VARIoT vulnerabilities database: VAR-201803-2171, VAR-201808-0384, VAR-201910-0546, VAR-201910-0547 Trust: 5.5 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 9, 2021, 1:05 p.m.	Vulnerabilities: buffer overflow, directory traversal, code execution

Affected products

External IDs

vendor:	hikvision	model:	hikvision
vendor:	mikrotik	model:	winbox
vendor:	mikrotik	model:	routers
vendor:	mikrotik	model:	mikrotik routers
vendor:	mikrotik	model:	routeros
vendor:	mikrotik	model:	mikrotik

db:

NVD

ids:

CVE-2018-7445, CVE-2018-14847, CVE-2021-36260, CVE-2019-3977, CVE-2019-3978

Research finds some medical devices vulnerable to hackers Trust: 3.0 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 8, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

siemens

model:

nucleus

'Extremely Bad' Log4Shell Vulnerability Gives Hackers Easy Access to Millions of Devices \| Tech Times Trust: 3.75 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 10, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

apple

model:

icloud

Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202109-1909, VAR-202008-0248 Trust: 5.5 Fetched: Dec. 28, 2021, 9:20 a.m., Published: -	Vulnerabilities: directory traversal, use after free, privilege escalation...

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	gateway
vendor:	citrix	model:	sd-wan wanop

db:

NVD

ids:

CVE-2021-28483, CVE-2019-1222, CVE-2021-28480, CVE-2021-26855, CVE-2020-12388, CVE-2021-28481, CVE-2020-3765, CVE-2021-28482, CVE-2020-27955, CVE-2021-44228, CVE-2018-4878, CVE-2021-17095, CVE-2019-19781, CVE-2021-40444, CVE-2019-1181, CVE-2020-16898, CVE-2019-1182, CVE-2021-42321, CVE-2021-30563, CVE-2019-0604, CVE-2019-1226, CVE-2020-1472, CVE-2019-0708, CVE-2020-0609, CVE-2020-17051, CVE-2020-0796, CVE-2020-6457, CVE-2020-0665

"These Vulnerabilities Could Leave Millions of Connected Medical Devices Open to Attack" \| CPS-VO Trust: 4.75 Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 13, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	siemens	model:	nucleus
vendor:	siemens	model:	nucleus net

Vulnerabilities identified in the Abode IOTA security system: Fake image injection into timeline Trust: 5.75 Fetched: Dec. 28, 2021, 9:20 a.m., Published: -	Vulnerabilities: command injection

Affected products

External IDs

vendor:	netgear	model:	orbi
vendor:	netgear	model:	router

db:

NVD

ids:

CVE-2020-8105

VARIoT news about IoT security