VARIoT latest news about IoT security

Bluetooth - Wikipedia Trust: 3.25 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	broadcom	model:	linux
vendor:	broadcom	model:	anti-virus
vendor:	apple	model:	macbook air
vendor:	apple	model:	mac os x
vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	apple	model:	macbook
vendor:	apple	model:	mac os
vendor:	google	model:	wifi
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	notes
vendor:	samsung	model:	mobile
vendor:	samsung	model:	galaxy s8
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	mobile phones
vendor:	netbsd	model:	current
vendor:	motorola	model:	android
vendor:	motorola	model:	motorola
vendor:	sony	model:	playstation
vendor:	sony	model:	playstation 3
vendor:	sony	model:	camera
vendor:	trend	model:	security
vendor:	nokia	model:	series

Apple have released a fix for the first two zero-day vulnerabilities of 2022 - Affecting MacOS, iOS and iPadOS devices - VISO Related entries in the VARIoT vulnerabilities database: VAR-202201-0567, VAR-202201-0423, VAR-202201-0424, VAR-202201-0554, VAR-202201-0561, VAR-202201-0304, VAR-202201-0322 Trust: 5.75 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: memory corruption, code execution

Affected products

External IDs

vendor:	apple	model:	safari
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2022-22590, CVE-2022-22579, CVE-2022-22589, CVE-2022-22594, CVE-2022-22587, CVE-2022-22592, CVE-2022-22584

Apple Patches Actively Exploited Zero-Day Vulnerability in iOS and macOS Devices - Adwareinfo.com Trust: 3.25 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

How Many IoT Devices Are There in 2022? [More than Ever!] Trust: 3.25 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	series
vendor:	mesh	model:	mesh
vendor:	google	model:	google home
vendor:	google	model:	home
vendor:	google	model:	wifi

How Hidden Vulnerabilities will Lead to Mobile Device Compromises - Attackware.com Trust: 5.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: session hijacking

Affected products

External IDs

vendor:

google

model:

wifi

Microsoft patches about 100 vulnerabilities, 9 of them critical \| Kaspersky official blog Related entries in the VARIoT vulnerabilities database: VAR-202201-0640 Trust: 3.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: privilege escalation, code execution, denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2022-21833, CVE-2022-21919, CVE-2022-21836, CVE-2022-21839, CVE-2022-21846, CVE-2022-21857

Rapid7 reports on five vulnerabilities in SonicWall SMA 100 devices, one an RCE - NewsBreak Trust: 3.0 Fetched: Jan. 31, 2022, 10:16 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

sonicwall

model:

sma 100

'DoorLock' Vulnerability Can Force iOS Devices to Endlessly Reboot \| HITBSecNews Trust: 3.25 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: -

Affected products	External IDs

CISA adds 17 vulnerabilities to list of bugs exploited in attacks - Newsworthy News Global Political Local New Site Related entries in the VARIoT vulnerabilities database: VAR-202103-0965 Trust: 4.5 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: os command injection, information disclosure, denial of service...

Affected products

External IDs

vendor:	node.js	model:	node.js
vendor:	solarwinds	model:	serv-u

db:

NVD

ids:

CVE-2006-1547, CVE-2021-40870, CVE-2021-32648, CVE-2020-11978, CVE-2021-33766, CVE-2021-21315, CVE-2021-22991, CVE-2021-25298, CVE-2018-8453, CVE-2012-0391, CVE-2021-25296, CVE-2021-35247, CVE-2020-13671, CVE-2020-14864, CVE-2021-21975, CVE-2021-25297, CVE-2020-13927

McAfee Agent Software vulnerable to privilege escalation on Windows Devices - Cybermetrics Trust: 4.0 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: code execution, privilege escalation

Affected products

External IDs

db:

NVD

ids:

CVE-2022-0166, CVE-2020-7315

SOTI Discussion Forum Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-2011, VAR-202112-1782, VAR-202112-0566 Trust: 3.0 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-45046, CVE-2021-44832, CVE-2021-45105, CVE-2021-44228

Top 5 Vulnerability Scanners You Need to Patrol Security Grids Trust: 3.5 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: configuration vulnerability, sql injection, cross-site scripting

Affected products	External IDs

7 Network Vulnerability Scanner for Small to Enterprise Business Trust: 3.5 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: weak password, sql injection

Affected products

External IDs

vendor:	cisco	model:	umbrella
vendor:	cisco	model:	guard

Over 50% internet-connected devices in hospitals vulnerable to cybercrime: Report - What an Investor! Trust: 3.0 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: -

Affected products	External IDs

More Than Half of Medical Devices Have Critical Vulnerabilities \| News \| Communications of the ACM Trust: 3.0 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: -

Affected products	External IDs

Update now! Chrome patches critical RCE vulnerability in Safe Browsing \| Malwarebytes Labs Trust: 5.5 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: code execution, use after free

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

db:

NVD

ids:

CVE-2022-0096, CVE-2022-0289

More than half of medical devices found to have critical vulnerabilities Trust: 4.75 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: default credentials

Affected products

External IDs

vendor:

google

model:

home

Weekly Threat Report 14th January 2022 - NCSC.GOV.UK Related entries in the VARIoT vulnerabilities database: VAR-202112-0361 Trust: 6.25 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:

sonicwall

model:

sma 100

db:

NVD

ids:

CVE-2021-20038

General security information - LANCOM Systems GmbH Related entries in the VARIoT vulnerabilities database: VAR-202105-1476, VAR-201906-1175, VAR-202002-0458, VAR-202105-1431, VAR-202101-1926, VAR-201906-1176, VAR-202105-1477, VAR-202109-1802, VAR-202112-0566, VAR-202105-1475, VAR-202012-0485, VAR-201906-1174 Trust: 4.25 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:	google	model:	wifi
vendor:	broadcom	model:	linux
vendor:	mesh	model:	mesh
vendor:	kcodes	model:	netusb

db:

NVD

ids:

CVE-2020-26144, CVE-2021-45388, CVE-2019-11477, CVE-2020-15778, CVE-2019-15126, CVE-2020-25112, CVE-2020-24588, CVE-2021-3156, CVE-2020-24338, CVE-2020-25111, CVE-2020-3702, CVE-2019-11478, CVE-2020-26146, CVE-2021-40438, CVE-2021-44228, CVE-2021-31538, CVE-2020-26147, CVE-2020-24336, CVE-2019-11479

Log4j: Zeroing in on Fundamentals to Minimize Log4j Vulnerability \| Mindtree Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 3.75 Fetched: Jan. 25, 2022, 12:14 p.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228

VARIoT news about IoT security