Sign-up

VARIoT news about IoT security

NVD - CVE-2021-44228

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Jan. 18, 2022, 11:49 a.m., Published: Jan. 12, 2022, 1:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: prime_service_catalog
vendor: cisco model: virtual_topology_system
vendor: cisco model: unified_contact_center_enterprise
vendor: cisco model: finesse
vendor: cisco model: unified_communications_manager_im_and_presence_service
vendor: cisco model: unified_contact_center_express
vendor: cisco model: evolved_programmable_network_manager
vendor: cisco model: fog_director
vendor: cisco model: unity_connection
vendor: cisco model: unified_customer_voice_portal
vendor: cisco model: webex_meetings_server
vendor: cisco model: unified_communications_manager
vendor: cisco model: sd-wan_vmanage
vendor: cisco model: ucs_director
vendor: cisco model: identity_services_engine
vendor: cisco model: virtualized_voice_browser
vendor: cisco model: data_center_network_manager
vendor: cisco model: emergency_responder
vendor: cisco model: video_surveillance_operations_manager
vendor: cisco model: integrated_management_controller_supervisor
vendor: cisco model: connected_mobile_experiences
db: NVD ids: CVE-2021-44228

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Lenovo ThinkPads vulnerable to privilege escalation exploit, researchers warn | IT PRO

Related entries in the VARIoT vulnerabilities database: VAR-202112-2486, VAR-202112-2487

Trust: 4.75

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: lenovo model: system
vendor: lenovo model: power management
vendor: lenovo model: updates
vendor: lenovo model: thinkpad
db: NVD ids: CVE-2021-3922, CVE-2021-3969

Log4J Vulnerability: The Flaw and the Fix

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Critical RCE Vulnerability: log4j - CVE-2021-44228

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566

Trust: 4.5

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 18, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: tesla model: model
vendor: serve model: serve
db: NVD ids: CVE-2021-45105, CVE-2021-44228

Security Advisory - Identity authentication bypass vulnerability found in some Dahua products

Related entries in the VARIoT vulnerabilities database: VAR-202109-1874, VAR-202109-1875

Trust: 4.75

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Nov. 15, 2021, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: dahua model: sd6al
vendor: dahua model: sd50
vendor: dahua model: sd52c
vendor: dahua model: camera
vendor: dahuasecurity model: sd6al
vendor: dahuasecurity model: sd50
vendor: dahuasecurity model: sd52c
vendor: dahuasecurity model: camera
db: NVD ids: CVE-2021-33045, CVE-2021-33044

NVD - CVE-2021-22454

Related entries in the VARIoT vulnerabilities database: VAR-202110-1459

Trust: 3.5

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: huawei technologies model: huawei
db: NVD ids: CVE-2021-22454

Moxa Devices Prone to Vulnerabilities Affecting Railways

Related entries in the VARIoT vulnerabilities database: VAR-201602-0004, VAR-201804-0468, VAR-201501-0737

Trust: 5.5

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Oct. 25, 2021, midnight
 Vulnerabilities: cross-site scripting, buffer overflow, default credentials...
Affected productsExternal IDs
vendor: moxa inc model: wac-2004
vendor: moxa inc model: moxa
vendor: moxa inc model: oncell g3470a-lte-eu-t
vendor: moxa inc model: wac-1001
vendor: moxa inc model: wac-2004 series
vendor: moxa inc model: oncell g3470a-lte-eu
vendor: moxa inc model: wac-1001 series
vendor: moxa model: wac-2004
vendor: moxa model: moxa
vendor: moxa model: oncell g3470a-lte-eu-t
vendor: moxa model: wac-1001
vendor: moxa model: wac-2004 series
vendor: moxa model: oncell g3470a-lte-eu
vendor: moxa model: wac-1001 series
vendor: cisco model: router
vendor: cisco model: access points
vendor: cisco model: series
db: NVD ids: CVE-2015-7547, CVE-2013-7423, CVE-2021-39278, CVE-2016-8717, CVE-2013-1914, CVE-2021-39279, CVE-2015-0235

Impact of Apache Log4j Vulnerabilities on NetBackup Appliances

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011, VAR-202112-0562

Trust: 4.75

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 18, 2022, 11:48 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: veritas model: netbackup appliance
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-4104, CVE-2021-44832, CVE-2021-45046

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | NewsRadio KFBK

Trust: 3.0

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Over 30% of Android devices have eavesdropping vulnerabilities - BU-CERT

Trust: 3.25

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 30, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-0663, CVE-2021-0673, CVE-2021-0661, CVE-2021-0662

PhonePe - Report Vulnerability

Trust: 3.0

Fetched: Jan. 18, 2022, 11:48 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

DSA-2021-051: Dell EMC PowerFlex appliance Security Update for Multiple Third-Party Component Vulnerability | Dell Polska

Related entries in the VARIoT vulnerabilities database: VAR-202011-0064, VAR-202011-1362, VAR-202006-1686, VAR-202101-1926

Trust: 3.5

Fetched: Jan. 18, 2022, 11:47 a.m., Published: May 21, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell emc model: bios
vendor: dell model: bios
db: NVD ids: CVE-2020-0588, CVE-2020-8739, CVE-2020-8696, CVE-2020-0591, CVE-2020-8740, CVE-2020-0587, CVE-2020-0590, CVE-2020-0593, CVE-2020-8705, CVE-2020-8674, CVE-2021-3156, CVE-2020-0592, CVE-2020-8738

MyBook Users Urged to Unplug Devices from Internet - Krebs on Security

Related entries in the VARIoT vulnerabilities database: VAR-201906-0768

Trust: 4.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Sept. 30, 2021, midnight
 Vulnerabilities: command execution
Affected productsExternal IDs
db: NVD ids: CVE-2018-18472

NVD - CVE-2021-27410

Trust: 5.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-27410

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

NVD - CVE-2021-1585

Related entries in the VARIoT vulnerabilities database: VAR-202107-0426

Trust: 4.5

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: cisco systems model: adaptive_security_device_manager
vendor: cisco systems model: device manager
vendor: cisco systems model: asdm
vendor: cisco systems model: security device manager
vendor: cisco systems model: cisco systems
vendor: cisco systems model: adaptive security device manager
vendor: cisco model: adaptive_security_device_manager
vendor: cisco model: device manager
vendor: cisco model: asdm
vendor: cisco model: security device manager
vendor: cisco model: cisco systems
vendor: cisco model: adaptive security device manager
db: NVD ids: CVE-2021-1585

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Jan. 18, 2022, 11:47 a.m., Published: Sept. 18, 2021, 10:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Acunetix Web Vulnerability Scanner - Test websites

Trust: 3.25

Fetched: Jan. 18, 2022, 11:46 a.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: cross-site request forgery, request forgery, sql injection...
Affected productsExternal IDs