Sign-up

VARIoT news about IoT security

Critical Vulnerability (CVE-2021-44228, CVE-2021-45046) in Apache log4j Library | Office of the Chief Information Security Officer

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0562, VAR-202112-0566

Trust: 3.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 12, 2021, 3:30 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-45046, CVE-2021-44228

Apache Log4j Flaw: Best Practices to Respond to the Vulnerability of the Decade | Toolbox It Security

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 20, 2021, 3:44 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Researchers detect hundreds of thousands of Log4j cyberattack attempts - SiliconANGLE

Trust: 3.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 13, 2021, 6:06 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco systems model: cisco systems
vendor: cisco systems model: series
vendor: check point model: check point
vendor: cisco model: cisco systems
vendor: cisco model: series
vendor: check point software technologies model: check point

10 vendors affected by the log4j vulnerability - Security - CRN Australia

Trust: 3.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Jan. 10, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: symantec model: endpoint protection
vendor: symantec model: symantec endpoint protection
vendor: broadcom model: api gateway
vendor: broadcom model: broadcom
vendor: cisco model: webex meetings
vendor: cisco model: cisco webex meetings
vendor: cisco model: webex
vendor: cisco model: cisco video surveillance operations manager
vendor: cisco model: meetings server
vendor: cisco model: video surveillance operations manager
vendor: cisco model: unified communications
vendor: cisco model: cisco webex
vendor: cisco model: cisco webex meetings server
vendor: cisco model: webex meetings server
vendor: cisco model: nexus

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | KFYR Radio

Trust: 3.0

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Jan. 17, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Warning to Windows users after security hole is found which leaves computers vulnerable to hackers despite TWO updates

Related entries in the VARIoT vulnerabilities database: VAR-202111-0697

Trust: 3.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 12, 2021, 6:56 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: google model: android
db: NVD ids: CVE-2021-41379

Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability | ZDNet

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782

Trust: 4.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105

Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 6.0

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 11, 2021, 4:18 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-44228

Microsoft Urges Customers to Patch Recent Active Directory Vulnerabilities | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202111-0660

Trust: 3.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Jan. 16, 2022, midnight
 Vulnerabilities: security bypass, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-42278, CVE-2021-42287

Log4j under siege, millions of devices vulnerable | CIO Dive

Trust: 3.0

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 14, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

Security Vulnerabilities Discovered in HP’s 150 Multi-function Printers

Trust: 5.25

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 1, 2021, 10:43 a.m.
 Vulnerabilities: buffer overflow, cross-site scripting, information disclosure...
Affected productsExternal IDs
vendor: hewlett packard model: hp laserjet
vendor: hewlett packard model: hewlett packard
vendor: hewlett packard model: laserjet
db: NVD ids: CVE-2021-39237, CVE-2021-39238

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | WMMB-AM

Trust: 3.0

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

ShareScan and Log4j vulnerability (CVE-2021-44228) - Kofax

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.0

Fetched: Dec. 27, 2021, 1:07 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

How Log4j Vulnerability Could Impact You

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011, VAR-202112-0566

Trust: 4.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 12, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: serve model: serve
db: NVD ids: CVE-2021-44832, CVE-2021-44228

Log4Shell: How to detect the Log4j vulnerability in your applications | InfoWorld

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.0

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 10, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

300,000 MikroTik routers are ticking security time bombs, researchers say | Ars Technica

Related entries in the VARIoT vulnerabilities database: VAR-201808-0384, VAR-201910-0546, VAR-201910-0547

Trust: 3.5

Fetched: Dec. 27, 2021, 1:07 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: mikrotik
vendor: mikrotik model: winbox
vendor: mikrotik model: routers
db: NVD ids: CVE-2018-14847, CVE-2019-3977, CVE-2019-3978

Critical Log4j Vulnerability Affects Millions of Applications - Lansweeper

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0562, VAR-202112-0566

Trust: 4.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 15, 2021, 2:45 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
db: NVD ids: CVE-2021-45105, CVE-2021-45046, CVE-2021-44228

A chip flaw left a third of all smartphones vulnerable to spying | CyberNews

Trust: 4.75

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Nov. 24, 2021, 1:39 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: check point model: check point

Circonus Assessment Regarding the Log4j Vulnerability (CVE-2021-44228) - Circonus Industry

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.25

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 17, 2021, 11:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Bypass TCC via privileged helpers aka CVE-2020-10008

Related entries in the VARIoT vulnerabilities database: VAR-202104-0001

Trust: 4.0

Fetched: Dec. 27, 2021, 1:07 p.m., Published: Dec. 7, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2020-10008