Sign-up

VARIoT news about IoT security

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 23, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

How serious is the Log4j vulnerability? | SecureTeam

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 10:50 a.m.
 Vulnerabilities: injection attack, sql injection
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone
db: NVD ids: CVE-2021-44228, CVE-2021-45046

NVD - CVE-2021-34362

Trust: 4.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Aug. 20, 2021, midnight
 Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2021-34362

Vulnerability management - Microsoft Service Assurance | Microsoft Docs

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Nov. 17, 2021, 10:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Huawei : Security vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202112-0231, VAR-202112-0344, VAR-202112-0226, VAR-202112-0252, VAR-202112-0342, VAR-202112-0227, VAR-202112-0232, VAR-202112-0246, VAR-202112-0263, VAR-202109-1644, VAR-202112-0242, VAR-202112-0243, VAR-202112-0253, VAR-202112-0256, VAR-202112-0336, VAR-202112-0222, VAR-202112-0244, VAR-202112-0248, VAR-202112-0327, VAR-202112-0230, VAR-202112-0262, VAR-202112-0235, VAR-202112-0251, VAR-202112-0238, VAR-202112-0245, VAR-202112-0133, VAR-202112-0239, VAR-202112-0391, VAR-202110-1355, VAR-202109-1645, VAR-202112-0223, VAR-202112-0343, VAR-202112-0229, VAR-202112-0249, VAR-202112-0254, VAR-202112-0237, VAR-202112-0240, VAR-202112-0224, VAR-202112-0345, VAR-202112-0241, VAR-202111-1276, VAR-202112-0234, VAR-202112-0236, VAR-202112-0247, VAR-202112-0233, VAR-202112-0228, VAR-202112-0250, VAR-202112-0255, VAR-202112-0225, VAR-202110-1301

Trust: 5.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: pointer dereference vulnerability, process crash, improper validation...
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: huawei model: fusioncompute
db: NVD ids: CVE-2021-37087, CVE-2021-37074, CVE-2021-37094, CVE-2021-37062, CVE-2021-37093, CVE-2021-37091, CVE-2021-37086, CVE-2021-37068, CVE-2021-37084, CVE-2021-37105, CVE-2021-37073, CVE-2021-37072, CVE-2021-37060, CVE-2021-37057, CVE-2021-37056, CVE-2021-37100, CVE-2021-37071, CVE-2021-37066, CVE-2021-37075, CVE-2021-37088, CVE-2021-37085, CVE-2021-37081, CVE-2021-37063, CVE-2021-37097, CVE-2021-37070, CVE-2021-37055, CVE-2021-37078, CVE-2021-37061, CVE-2021-37131, CVE-2021-37106, CVE-2021-37099, CVE-2021-37092, CVE-2021-37089, CVE-2021-37065, CVE-2021-37059, CVE-2021-37079, CVE-2021-37077, CVE-2021-37096, CVE-2021-37069, CVE-2021-37076, CVE-2021-37102, CVE-2021-37082, CVE-2021-37080, CVE-2021-37067, CVE-2021-37083, CVE-2021-37090, CVE-2021-37064, CVE-2021-37058, CVE-2021-37095, CVE-2021-37124

What Is Log4Shell? Log4j Vulnerability Explained | Perforce

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 16, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-4428

TOP LINE | Formaturas

Trust: 3.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: vivo model: vivo

How to secure Internet-connected devices from Log4j cyber threats

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 20, 2021, 2:56 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: apple model: iphone
vendor: huawei model: huawei
vendor: oneplus model: one
vendor: oneplus model: oneplus
vendor: samsung model: mobile
vendor: samsung model: samsung

Log4Shell Vulnerability Risks for OT Environments - and How You Can Better Protect Against Them

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 18, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: schneider model: monitor
db: NVD ids: CVE-2021-44228, CVE-2021-45046

FDA Warns of Apache Log4j Cybersecurity Vulnerabilities in Medical Devices - Campus Safety

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 21, 2021, 3:52 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Are your home security cameras vulnerable to hacking? - CNET

Trust: 3.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 13, 2021, 3 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: comcast model: comcast xfinity
vendor: comcast model: xfinity
vendor: amazon model: echo show
vendor: google model: home
vendor: ring model: ring

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities - Cisco

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 11, 2022, 10:54 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: firepower threat defense software
vendor: cisco model: firepower
vendor: cisco model: asa software
vendor: cisco model: adaptive security appliance
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: cisco firepower management center
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower management center
vendor: cisco model: adaptive security appliance software
vendor: cisco model: cisco adaptive security appliance software

[no-title]

Trust: 5.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: feature bypass, authentication vulnerability, code execution...
Affected productsExternal IDs
vendor: apple model: macos
vendor: nokia model: series
vendor: nokia model: nokia
vendor: nokia model: impact
vendor: cisco model: series switches
vendor: cisco model: cisco policy suite
vendor: cisco model: series
vendor: cisco model: catalyst
vendor: cisco model: policy suite
vendor: samsung model: samsung
vendor: samsung model: note 10
vendor: samsung model: galaxy s10
vendor: samsung model: printer
vendor: samsung model: notes
vendor: samsung model: galaxy s8
vendor: samsung model: note
vendor: samsung model: mobile devices
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: samsung model: galaxy note10
vendor: samsung model: galaxy note
vendor: google model: android
vendor: google model: pixel xl
vendor: google model: chrome
vendor: google model: home
vendor: google model: pixel
vendor: google model: chromecast
vendor: asus model: asus
vendor: asus model: zenfone
vendor: comcast model: xfinity
vendor: oneplus model: one
vendor: oneplus model: oxygenos
vendor: oneplus model: oneplus
vendor: huawei model: nova
vendor: huawei model: emui
vendor: huawei model: mate
vendor: huawei model: mate 30
vendor: huawei model: huawei mate
vendor: huawei model: huawei
vendor: huawei model: honor
db: NVD ids: CVE-2021-38648, CVE-2021-42321, CVE-2021-28164, CVE-2021-42316, CVE-2021-42305, CVE-2021-22204, CVE-2021-42298, CVE-2021-38647, CVE-2021-42292

Major vulnerability in log4j - Immediate action required by all systems & web administrators and others : TechWeb : Blog Archive : Boston University

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 3, 2022, 8:01 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Critical Vulnerability (CVE-2021-44228, CVE-2021-45046) in Apache log4j Library | Information Technology Solutions

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 21, 2021, 12:30 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Log4j 2 Vulnerability & TPRM Implications - Blog - OneTrust

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 20, 2021, 5:31 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Widespread Log4j Remote Code Execution Vulnerability Could Affect Millions -- Redmondmag.com

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Critical Log4j Vulnerability Hits Everything, Including the IBM i Server - IT Jungle

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 5:05 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
vendor: check point software technologies model: check point
vendor: node.js model: node.js
db: NVD ids: CVE-2021-44228

Countless Serves Are Vulnerable to Apache Log4j Zero-Day Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 10, 2021, 3:50 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228