VARIoT latest news about IoT security

Linux : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202107-0788, VAR-202112-2255, VAR-202107-1361, VAR-202107-0793, VAR-202112-1696, VAR-202107-0790, VAR-202107-0791, VAR-202107-0789, VAR-202107-0792 Trust: 5.5 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2050, midnight	Vulnerabilities: denial of service, buffer overflow, memory leak...

Affected products

External IDs

vendor:

acrn

model:

acrn

db:

NVD

ids:

CVE-2021-38202, CVE-2021-38206, CVE-2021-37576, CVE-2021-36143, CVE-2021-42327, CVE-2021-38198, CVE-2021-41073, CVE-2021-42739, CVE-2021-41864, CVE-2021-45485, CVE-2021-45480, CVE-2021-34556, CVE-2021-33909, CVE-2021-38199, CVE-2021-38205, CVE-2021-36148, CVE-2021-38160, CVE-2021-35477, CVE-2021-38207, CVE-2021-44733, CVE-2021-38204, CVE-2021-42252, CVE-2021-33624, CVE-2021-45486, CVE-2021-43976, CVE-2021-38209, CVE-2021-34693, CVE-2021-42008, CVE-2021-36145, CVE-2021-43975, CVE-2021-38200, CVE-2021-37159, CVE-2021-43057, CVE-2021-36146, CVE-2021-36144, CVE-2021-38203, CVE-2021-38300, CVE-2021-45095, CVE-2021-38166, CVE-2021-40490, CVE-2021-35039, CVE-2021-45469, CVE-2021-36147, CVE-2021-38208, CVE-2021-38201, CVE-2021-43267, CVE-2021-43389, CVE-2021-33200, CVE-2021-43056, CVE-2021-33034

Linux : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202107-0788, VAR-202107-0792, VAR-202107-0790, VAR-202112-1696, VAR-202107-0789, VAR-202107-1361, VAR-202107-0791, VAR-202107-0793, VAR-202112-2255 Trust: 5.5 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2050, midnight	Vulnerabilities: pointer dereference bug, memory leak, information leak...

Affected products

External IDs

vendor:

acrn

model:

acrn

db:

NVD

ids:

CVE-2021-38202, CVE-2021-42252, CVE-2021-33200, CVE-2021-42739, CVE-2021-43975, CVE-2021-45469, CVE-2021-42008, CVE-2021-37576, CVE-2021-36143, CVE-2021-38201, CVE-2021-43267, CVE-2021-36147, CVE-2021-34556, CVE-2021-34693, CVE-2021-36145, CVE-2021-38199, CVE-2021-38207, CVE-2021-38160, CVE-2021-35477, CVE-2021-33624, CVE-2021-40490, CVE-2021-38209, CVE-2021-43057, CVE-2021-38206, CVE-2021-38200, CVE-2021-37159, CVE-2021-43056, CVE-2021-38166, CVE-2021-38208, CVE-2021-45480, CVE-2021-44733, CVE-2021-36144, CVE-2021-33034, CVE-2021-33909, CVE-2021-41073, CVE-2021-45095, CVE-2021-38205, CVE-2021-38198, CVE-2021-42327, CVE-2021-36146, CVE-2021-35039, CVE-2021-45486, CVE-2021-43389, CVE-2021-43976, CVE-2021-41864, CVE-2021-38204, CVE-2021-38300, CVE-2021-38203, CVE-2021-36148, CVE-2021-45485

BotenaGo botnet targets millions of IoT devices with 33 exploits Related entries in the VARIoT vulnerabilities database: VAR-202001-0633, VAR-201403-0306, VAR-202007-0064, VAR-201702-0952, VAR-201612-0015, VAR-202003-0363, VAR-202007-1256, VAR-202003-1707, VAR-201502-0201, VAR-201703-1017, VAR-201905-0651, VAR-201704-0303 Trust: 3.75 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	comtrend	model:	vr-3033
vendor:	realtek	model:	realtek sdk

db:

NVD

ids:

CVE-2019-19824, CVE-2014-2321, CVE-2020-10987, CVE-2017-6077, CVE-2016-6277, CVE-2020-10173, CVE-2020-9377, CVE-2020-9054, CVE-2015-2051, CVE-2017-6334, CVE-2016-11021, CVE-2020-8958, CVE-2017-18368, CVE-2016-1555

Cisco IOS : List of security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-201903-0596, VAR-202009-1160, VAR-202006-1151, VAR-201903-0563, VAR-202103-0537, VAR-202006-1097, VAR-201810-0567, VAR-201810-0351, VAR-201810-0339, VAR-201810-0565, VAR-201903-0569, VAR-201909-1523, VAR-201909-0184, VAR-202006-1150, VAR-201909-0166, VAR-201909-0181, VAR-201810-0561, VAR-201909-0158, VAR-202006-1084, VAR-201903-0571, VAR-201903-0574, VAR-201903-0595, VAR-201810-0345, VAR-201903-0597, VAR-201909-0160, VAR-201903-0567, VAR-202109-0601, VAR-202006-1092, VAR-201901-0473, VAR-202103-0540, VAR-202006-1148, VAR-201909-0165, VAR-202006-1098, VAR-201909-0186, VAR-201810-0568, VAR-202103-0550, VAR-201903-0599, VAR-201903-0559, VAR-202109-0747, VAR-202006-1095, VAR-201903-0565, VAR-201903-0600, VAR-201909-0161, VAR-202103-0545, VAR-201903-0558, VAR-201903-0592, VAR-201810-0346, VAR-202009-0479, VAR-201810-0569, VAR-202006-1093 Trust: 5.25 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2050, midnight	Vulnerabilities: improper memory handling, memory leak, cross-site scripting...

Affected products

External IDs

vendor:	cisco	model:	isr4451-x
vendor:	cisco	model:	isr g2
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	integrated services router
vendor:	cisco	model:	hsrp
vendor:	cisco	model:	routers
vendor:	cisco	model:	router
vendor:	cisco	model:	iox application
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	4451-x integrated services router
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios software
vendor:	cisco	model:	series
vendor:	cisco	model:	integrated services routers
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	cisco iox
vendor:	cisco	model:	isr4451
vendor:	cisco	model:	catalyst 6500
vendor:	cisco	model:	cisco iox application
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	series switches
vendor:	cisco	model:	catalyst 6500 series
vendor:	cisco	model:	catalyst cdb-8p switches
vendor:	cisco	model:	4451-x
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	catalyst 2960-l series switches
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	industrial integrated services routers
vendor:	cisco	model:	ios xr software

db:

NVD

ids:

CVE-2019-1747, CVE-2020-3476, CVE-2020-3200, CVE-2019-1752, CVE-2021-1392, CVE-2020-3230, CVE-2018-15375, CVE-2018-0485, CVE-2018-0466, CVE-2018-15373, CVE-2019-1758, CVE-2019-12665, CVE-2019-12670, CVE-2020-3204, CVE-2019-12656, CVE-2019-12668, CVE-2018-15369, CVE-2019-12649, CVE-2020-3217, CVE-2019-1756, CVE-2019-1762, CVE-2019-1746, CVE-2018-0473, CVE-2019-1740, CVE-2019-12650, CVE-2019-1751, CVE-2021-34705, CVE-2020-3225, CVE-2018-0484, CVE-2021-1377, CVE-2020-3201, CVE-2019-12655, CVE-2020-3231, CVE-2019-12672, CVE-2018-15376, CVE-2021-1391, CVE-2019-1739, CVE-2019-1748, CVE-2021-34699, CVE-2020-3228, CVE-2019-1757, CVE-2019-1738, CVE-2019-12651, CVE-2021-1385, CVE-2019-1761, CVE-2019-1737, CVE-2018-0475, CVE-2019-16009, CVE-2018-15377, CVE-2020-3226

Google Android : List of security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202112-0360, VAR-202201-1691, VAR-202201-0998, VAR-202201-0999 Trust: 4.25 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2050, midnight	Vulnerabilities: use after free, improper access control, improper validation...

Affected products

External IDs

vendor:	google	model:	wifi
vendor:	google	model:	android
vendor:	samsung	model:	mobile
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	samsung
vendor:	samsung	model:	exynos
vendor:	samsung	model:	knox

db:

NVD

ids:

CVE-2021-39641, CVE-2021-39636, CVE-2021-25513, CVE-2021-39655, CVE-2021-30162, CVE-2021-25518, CVE-2021-27901, CVE-2021-30161, CVE-2021-25514, CVE-2022-22269, CVE-2021-39623, CVE-2021-39646, CVE-2021-39644, CVE-2021-38591, CVE-2021-25517, CVE-2021-39620, CVE-2021-39656, CVE-2021-25519, CVE-2021-39651, CVE-2021-39622, CVE-2021-39647, CVE-2021-39642, CVE-2021-26687, CVE-2022-22270, CVE-2022-22266, CVE-2022-22264, CVE-2021-39645, CVE-2021-39649, CVE-2021-39639, CVE-2022-22267, CVE-2022-22272, CVE-2021-39648, CVE-2022-22268, CVE-2021-26689, CVE-2021-39625, CVE-2021-39653, CVE-2021-39637, CVE-2021-39618, CVE-2021-39638, CVE-2021-39643, CVE-2021-39652, CVE-2021-39628, CVE-2022-22263, CVE-2021-25516, CVE-2022-22271, CVE-2021-25515, CVE-2021-39640, CVE-2021-25512, CVE-2021-39650, CVE-2021-39657

Security Firm Warns These Major UEFI BIOS Security Flaws Affect Millions Of Devices \| HotHardware Trust: 4.5 Fetched: May 13, 2022, 8:15 a.m., Published: May 2, 2022, midnight	Vulnerabilities: memory corruption, privilege escalation

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	lenovo	model:	updates
vendor:	lenovo	model:	system
vendor:	lenovo	model:	bios

Two Dozen UEFI Vulnerabilities Impact Millions of Devices From Major Vendors_HackDig Trust: 4.75 Fetched: May 13, 2022, 8:15 a.m., Published: Feb. 1, 2022, 4:53 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	siemens	model:	ip camera
vendor:	lenovo	model:	system
vendor:	lenovo	model:	edge

SureMDM Vulnerabilities Exposed Companies to Supply Chain Attacks \| SecurityWeek.Com Trust: 3.5 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2022, midnight	Vulnerabilities: code execution, command injection, privilege escalation

Affected products	External IDs

Ransomware hackers are targeting unpatched systems, supply chain networks: Report Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202102-0898 Trust: 3.75 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

trend

model:

security

db:

NVD

ids:

CVE-2021-28799, CVE-2021-44228, CVE-2021-30116, CVE-2021-20016

How secure are your network peripherals? Trust: 4.5 Fetched: May 13, 2022, 8:15 a.m., Published: Jan. 31, 2022, midnight	Vulnerabilities: code execution, buffer overflow

Affected products	External IDs

Security Advisory - Laser Command Injection Vulnerability on Huawei Terminals Trust: 4.25 Fetched: May 13, 2022, 8:15 a.m., Published: Jan. 26, 2022, 1 a.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:

huawei

model:

huawei

New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks Trust: 4.25 Fetched: May 13, 2022, 8:15 a.m., Published: Jan. 31, 2022, midnight	Vulnerabilities: code execution

Affected products	External IDs

New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks - News Nation USA Trust: 3.25 Fetched: May 13, 2022, 8:15 a.m., Published: May 13, 2042, midnight	Vulnerabilities: code execution

Affected products	External IDs

Windows vulnerability with new public exploits lets you become admin Related entries in the VARIoT vulnerabilities database: VAR-202201-0580, VAR-202102-0786 Trust: 4.0 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2022, midnight	Vulnerabilities: privilege elevation

Affected products

External IDs

db:

NVD

ids:

CVE-2022-21882, CVE-2021-1732

Deadbolt Ransomware Exploits QNAP Vulnerability Patched in December Trust: 3.0 Fetched: May 13, 2022, 8:12 a.m., Published: Dec. 13, 2022, midnight	Vulnerabilities: code execution

Affected products	External IDs

Ripple20 vulnerabilities still plaguing IoT devices Trust: 3.75 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2020, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	series
vendor:	treck	model:	tcp/ip stack

Medical device vulnerability scoring flaws put patients’ lives at risk Related entries in the VARIoT vulnerabilities database: VAR-201906-1020 Trust: 4.0 Fetched: May 13, 2022, 8:12 a.m., Published: July 13, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

medtronic

model:

paradigm

db:

NVD

ids:

CVE-2019-10964

CVE-2020-6925, CVE-2020-6926, CVE-2020-6927: Multiple Vulnerabilities in HP Device Manager - Blog \| Tenable® Trust: 3.75 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2066, midnight	Vulnerabilities: command execution

Affected products

External IDs

db:

NVD

ids:

CVE-2020-6927, CVE-2020-6926, CVE-2020-6925

Everything You Need to Know to Stay Secure Trust: 4.5 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2016, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	google	model:	android
vendor:	trend micro	model:	security
vendor:	trend	model:	security

Log4j Vulnerability: 100s of Exposed Packages in Maven Central \| JFrog Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562 Trust: 3.0 Fetched: May 13, 2022, 8:12 a.m., Published: May 13, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228, CVE-2021-45046

VARIoT news about IoT security