VARIoT latest news about IoT security

Cisco vulnerability could cause your firewalls to fail \| TechRadar Related entries in the VARIoT vulnerabilities database: VAR-202110-1796 Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 23, 2021, 3:20 a.m.	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-34704

What are Android security updates, and why do they matter? Trust: 3.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 19, 2021, 5:22 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	note
vendor:	samsung	model:	galaxy
vendor:	samsung	model:	android phone
vendor:	samsung	model:	samsung galaxy
vendor:	samsung	model:	notes
vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile
vendor:	samsung	model:	galaxy note
vendor:	nokia	model:	nokia
vendor:	nokia	model:	series
vendor:	oneplus	model:	oneplus
vendor:	oneplus	model:	one
vendor:	google	model:	android
vendor:	google	model:	pixel

New Critical Vulnerabilities Found on Nucleus TCP/IP Stack - Security Boulevard Related entries in the VARIoT vulnerabilities database: VAR-202111-1605, VAR-202103-0365 Trust: 5.25 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 9, 2021, 11 a.m.	Vulnerabilities: denial of service, information leak, code execution

Affected products

External IDs

vendor:	siemens	model:	nucleus
vendor:	siemens	model:	nucleus net
vendor:	siemens	model:	nucleus rtos

db:

NVD

ids:

CVE-2021-31886, CVE-2016-20009

A Study Reveals That A Vulnerability Found In MediaTek Chips Is Leaving Smartphone Microphones Completely Wide Open To Foreign Threats / Digital Information World Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

Synopsys Research Finds Vulnerabilities in 97% of Applications - EE Times Asia Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 18, 2021, 1:09 a.m.	Vulnerabilities: cross-site scripting

Affected products	External IDs

UK ISP Sky Left 6 Million Routers Vulnerable to Attack for Nearly 18 Months Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 22, 2021, 5:55 p.m.	Vulnerabilities: brute force attack, default credentials

Affected products	External IDs

Mediatek vulnerability in Android phones fixed \| IT Security News Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 29, 2021, 6:12 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

check point

model:

check point

Cisco : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202110-1352, VAR-202110-0618, VAR-202109-0622, VAR-202111-0393, VAR-202108-0824, VAR-202111-0418, VAR-202110-1366, VAR-202110-1367, VAR-202109-0623, VAR-202110-0211, VAR-202110-1350, VAR-202110-1393, VAR-202111-0412, VAR-202110-0213, VAR-202110-1297, VAR-202110-1305, VAR-202110-1376, VAR-202110-0622, VAR-202111-0419, VAR-202111-1196, VAR-202111-0401, VAR-202111-0417, VAR-202110-1065, VAR-202110-1392, VAR-202110-1354, VAR-202111-0664, VAR-202110-1351, VAR-202110-0203, VAR-202110-1395, VAR-202110-1402, VAR-202110-1286, VAR-202109-0618, VAR-202108-0823, VAR-202111-1197, VAR-202110-1377, VAR-202109-0624, VAR-202110-0617, VAR-202110-0209, VAR-202110-1353, VAR-202110-0212, VAR-202110-1375, VAR-202110-0623, VAR-202111-0413, VAR-202111-1198, VAR-202110-1394, VAR-202109-0631, VAR-202110-0619, VAR-202109-0617, VAR-202111-0400, VAR-202110-1298 Trust: 5.25 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 2, 2021, midnight	Vulnerabilities: cross-site request forgery, resource exhaustion, request forgery...

Affected products

External IDs

vendor:	cisco	model:	unified communications
vendor:	cisco	model:	cisco policy suite
vendor:	cisco	model:	anyconnect secure mobility client
vendor:	cisco	model:	cisco unified communications manager
vendor:	cisco	model:	webex
vendor:	cisco	model:	webex meetings
vendor:	cisco	model:	cisco webex
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	policy suite
vendor:	cisco	model:	cisco telepresence
vendor:	cisco	model:	dna center
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	cisco web security appliance
vendor:	cisco	model:	telepresence management suite
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	roomos
vendor:	cisco	model:	cisco meeting
vendor:	cisco	model:	unified communications manager session management edition
vendor:	cisco	model:	common services platform collector
vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	prime infrastructure
vendor:	cisco	model:	small business rv series routers
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	firepower
vendor:	cisco	model:	series routers
vendor:	cisco	model:	routers
vendor:	cisco	model:	nexus
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	meeting server
vendor:	cisco	model:	telepresence collaboration endpoint
vendor:	cisco	model:	cisco prime infrastructure
vendor:	cisco	model:	telepresence
vendor:	cisco	model:	cisco telepresence management suite
vendor:	cisco	model:	series
vendor:	cisco	model:	unified communications manager
vendor:	cisco	model:	cisco evolved programmable network manager
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	cisco roomos
vendor:	cisco	model:	cisco webex meetings
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	umbrella
vendor:	cisco	model:	meeting
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	webex video mesh
vendor:	cisco	model:	web security appliance
vendor:	cisco	model:	cisco anyconnect secure mobility client
vendor:	cisco	model:	cisco meeting server
vendor:	cisco	model:	cisco identity services engine
vendor:	cisco	model:	evolved programmable network manager
vendor:	cisco	model:	small business
vendor:	cisco	model:	cisco small business
vendor:	cisco	model:	small business rv
vendor:	mesh	model:	mesh
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2021-40116, CVE-2021-40122, CVE-2021-34746, CVE-2021-40126, CVE-2021-34749, CVE-2021-34774, CVE-2021-34764, CVE-2021-34763, CVE-2021-34759, CVE-2021-34758, CVE-2021-40118, CVE-2021-34790, CVE-2021-40124, CVE-2021-34772, CVE-2021-34756, CVE-2021-34761, CVE-2021-34793, CVE-2021-34789, CVE-2021-34773, CVE-2021-40131, CVE-2021-40115, CVE-2021-34784, CVE-2021-34762, CVE-2021-34791, CVE-2021-34787, CVE-2021-40119, CVE-2021-40117, CVE-2021-34782, CVE-2021-34781, CVE-2021-40125, CVE-2021-34754, CVE-2021-34786, CVE-2021-34745, CVE-2021-40130, CVE-2021-34792, CVE-2021-34765, CVE-2009-1234, CVE-2021-40123, CVE-2021-34748, CVE-2021-40114, CVE-2021-34766, CVE-2021-34794, CVE-2021-34760, CVE-2021-40120, CVE-2021-40129, CVE-2021-34783, CVE-2021-34771, CVE-2021-40121, CVE-2021-34785, CVE-2021-40128, CVE-2021-34755

Exploited Software Vulnerability in Google Android Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 3, 2021, 6:39 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2021-1048

Apple Just Released an Emergency Patch. Update Your Device Related entries in the VARIoT vulnerabilities database: VAR-202108-1057 Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Sept. 14, 2021, 2:43 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	ipod touch
vendor:	apple	model:	watchos
vendor:	apple	model:	ipad air
vendor:	apple	model:	macos
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2021-30860

Security Advisory - Privilege Escalation Vulnerability in Huawei Product Related entries in the VARIoT vulnerabilities database: VAR-202111-1435 Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 5, 2022, midnight	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	huawei	model:	cloudengine 7800
vendor:	huawei	model:	huawei
vendor:	huawei	model:	cloudengine 5800
vendor:	huawei	model:	cloudengine 12800
vendor:	huawei	model:	cloudengine 6800
vendor:	huawei	model:	cloudengine

db:

NVD

ids:

CVE-2021-39976

Cisco Access Points SSH Management Privilege Escalation Vulnerability - Cisco Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Sept. 22, 2021, 11:54 a.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	cisco	model:	access points
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	wireless controller
vendor:	cisco	model:	wireless lan controller
vendor:	cisco	model:	catalyst 9800

Report: Applications and critical data vulnerable to attack \| VentureBeat Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 24, 2021, 9:48 p.m.	Vulnerabilities: cross-site scripting

Affected products	External IDs

Hackers Exploit Microsoft Exchange Vulnerabilities To Drop Babuk Ransomware Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 6, 2021, 8:23 a.m.	Vulnerabilities: command execution, code execution, request forgery...

Affected products	External IDs

'Hackers' manage to exploit a vulnerability in Windows 11 and all versions of the operating system - Market Research Telecast Related entries in the VARIoT vulnerabilities database: VAR-202111-0697 Trust: 3.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, 1:03 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-41379

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Trust: 4.25 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 7, 2022, 7:33 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

A Mediatek security vulnerability makes your phone susceptible for hackers to track you via audio - Technophile Trust: 4.0 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 26, 2021, 1:13 p.m.	Vulnerabilities: privilege escalation

Affected products	External IDs

Apple's security fix: Protect your iPhone from Pegasus now - CNET Trust: 3.5 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	watch
vendor:	apple	model:	watchos
vendor:	apple	model:	macos
vendor:	apple	model:	iphone

Vulnerability in Cisco security devices could cause firewalls to fail Related entries in the VARIoT vulnerabilities database: VAR-202005-0685, VAR-202110-1796, VAR-202005-0696, VAR-202007-1057 Trust: 5.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 23, 2021, 6:15 p.m.	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	device manager
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2020-3187, CVE-2021-34704, CVE-2020-3259, CVE-2020-3452

Update now! Mozilla fixes security vulnerabilities in Firefox 94 \| Malwarebytes Labs Trust: 3.75 Fetched: Nov. 29, 2021, 2:59 p.m., Published: Nov. 3, 2021, 2:23 p.m.	Vulnerabilities: memory corruption, cross-site scripting, use after free

Affected products

External IDs

db:

NVD

ids:

CVE-2021-38504, CVE-2021-38507, CVE-2021-38505, CVE-2021-38506, CVE-2021-38503

VARIoT news about IoT security