Sign-up

VARIoT news about IoT security

Serious security vulnerabilities in DRAM memory devices

Trust: 3.25

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 19, 2021, 11:23 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dram model: dram

Unpatched Windows vulnerability allows attackers to gain admin rights - gHacks Tech News

Related entries in the VARIoT vulnerabilities database: VAR-202111-0697

Trust: 3.25

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 23, 2021, 5:41 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-41379

Patch now! Netgear fixes serious smart switch vulnerabilities | Malwarebytes Labs

Trust: 5.0

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Sept. 7, 2021, 12:55 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs

Microsoft November 2021 Patch Tuesday Addresses 55 Vulnerabilities

Trust: 4.75

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 10, 2021, 1:56 p.m.
 Vulnerabilities: improper validation, security feature bypass, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2021-38631, CVE-2021-41371, CVE-2021-43209, CVE-2021-42321, CVE-2021-42292, CVE-2021-43208

Device, Application and Cloud Security for IoT

Trust: 4.0

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 19, 2021, 6:26 p.m.
 Vulnerabilities: denial of service, default credentials, injection attack...
Affected productsExternal IDs
vendor: google model: home
vendor: tesla model: model

Vulnerability Found Affecting Low-Power Intel Processors

Trust: 3.75

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 20, 2021, 10:30 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tesla model: model 3
vendor: tesla model: model
db: NVD ids: CVE-2021-0146

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Trust: 4.5

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Jan. 7, 2022, 7:33 p.m.
 Vulnerabilities: use after free, code execution, buffer overflow
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
vendor: google model: home
db: NVD ids: CVE-2021-38007, CVE-2021-38019, CVE-2021-38010, CVE-2021-38014, CVE-2021-38016, CVE-2021-38011, CVE-2021-38022, CVE-2021-38012, CVE-2021-38015, CVE-2021-38006, CVE-2021-38005, CVE-2021-38008, CVE-2021-38009, CVE-2021-38017, CVE-2021-38021, CVE-2021-38013, CVE-2021-38018, CVE-2021-38020

Medtronic Recalls Remote Controllers Used with Paradigm and 508 MiniMed Insulin Pumps for Potential Cybersecurity Risks | FDA

Related entries in the VARIoT vulnerabilities database: VAR-201808-0370, VAR-201808-0175

Trust: 3.75

Fetched: Nov. 23, 2021, 9:28 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: medtronic model: minimed 508 insulin pump
vendor: medtronic model: paradigm
vendor: medtronic model: minimed 508
db: ICS CERT ids: ICSMA-18-219-02

Synopsys Research Finds Vulnerabilities in 97% of Applications, 36% Impacted by Critical- or High-Risk Vulnerabilities

Trust: 3.75

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 16, 2021, 2:05 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs

NVD - CVE-2021-34761

Related entries in the VARIoT vulnerabilities database: VAR-202110-1305

Trust: 3.5

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco systems model: cisco systems
vendor: cisco systems model: firepower threat defense
vendor: cisco systems model: firepower
vendor: cisco systems model: firepower_management_center_virtual_appliance
vendor: cisco model: cisco systems
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: firepower_management_center_virtual_appliance
db: NVD ids: CVE-2021-34761

Vulnerability in Cisco Security Devices is Dangerous For Business Processes of Large Companies

Related entries in the VARIoT vulnerabilities database: VAR-202005-0685, VAR-202110-1796, VAR-202005-0696, VAR-202007-1057

Trust: 5.75

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Jan. 8, 2022, midnight
 Vulnerabilities: denial of service, buffer overflow
Affected productsExternal IDs
vendor: cisco model: firepower
vendor: cisco model: device manager
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower threat defense
db: NVD ids: CVE-2020-3187, CVE-2021-34704, CVE-2020-3259, CVE-2020-3452

Iranian Hackers Exploiting Microsoft, Fortinet Vulnerabilities: Feds

Trust: 3.75

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 17, 2021, 1:55 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: fortigate model: fortios
vendor: filezilla model: server
vendor: filezilla model: filezilla

New vulnerabilities found in Intel processors - Aroged

Related entries in the VARIoT vulnerabilities database: VAR-202111-1151, VAR-202111-1193

Trust: 4.25

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 16, 2021, 11:13 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2021-0157, CVE-2021-0146, CVE-2021-0158

Software Flaws Leave Medical Devices Vulnerable to Attack

Related entries in the VARIoT vulnerabilities database: VAR-202111-1605

Trust: 4.5

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Nov. 10, 2021, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: siemens model: nucleus net
vendor: siemens model: nucleus rtos
vendor: siemens model: nucleus
db: NVD ids: CVE-2021-31886

Hackers Exploit Vulnerability Targeting Routers and Modems Running Arcadyan Firmware | Trend Micro News

Related entries in the VARIoT vulnerabilities database: VAR-202104-0768

Trust: 4.75

Fetched: Nov. 23, 2021, 9:28 a.m., Published: Aug. 26, 2021, 4:47 p.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
vendor: trend micro model: home network security
vendor: trend micro model: security
vendor: trend micro model: micro home network security
vendor: trend model: home network security
vendor: trend model: security
vendor: trend model: micro home network security
db: NVD ids: CVE-2021-20090

Microsoft Security Response Center

Trust: 4.25

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Dec. 11, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-42306, CVE-2021-38645, CVE-2021-38647, CVE-2021-38649, CVE-2021-38648

Education, Research The Most Attacked Industries in The Cyberspace

Trust: 4.5

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 12, 2021, 12:19 p.m.
 Vulnerabilities: path traversal, code execution, directory traversal...
Affected productsExternal IDs
vendor: check point model: check point
vendor: google model: android

Metasploit | Penetration Testing Software, Pen Testing Security | Metasploit

Trust: 3.25

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sonicwall model: sma 100

WP Fastest Cache Plugin Vulnerability Discovered | SiteLock

Trust: 3.0

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 4, 2021, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs

October

Related entries in the VARIoT vulnerabilities database: VAR-202112-0336, VAR-202112-0353, VAR-202202-1526, VAR-202106-0594, VAR-202112-0134, VAR-202103-1442, VAR-202110-1481, VAR-202109-1959, VAR-202110-1848, VAR-202110-1490, VAR-202110-1849, VAR-202112-0285, VAR-202112-0352, VAR-202110-1482, VAR-202106-1796, VAR-202112-0238, VAR-202111-1763, VAR-202201-0227, VAR-202112-0349, VAR-202110-1479, VAR-202110-1477, VAR-202112-0258, VAR-202110-1496, VAR-202110-1489, VAR-202112-0343, VAR-202110-1500, VAR-202112-0350, VAR-202110-1491, VAR-202109-0297, VAR-202110-1431, VAR-202112-0342, VAR-202110-1447, VAR-202112-0136, VAR-202109-0386, VAR-202112-0327, VAR-202112-0137, VAR-202112-0335, VAR-202110-1847, VAR-202112-0348, VAR-202109-0289, VAR-202110-1485, VAR-202104-1670, VAR-202110-1486, VAR-202112-0346, VAR-202111-0848, VAR-202110-1493, VAR-202110-1854, VAR-202108-0284, VAR-202112-0351, VAR-202112-0138, VAR-202201-0226, VAR-202108-2288, VAR-202110-1435, VAR-202110-1499, VAR-202110-1450, VAR-202112-0334, VAR-202106-0598, VAR-202110-1856, VAR-202106-0608, VAR-202112-0347, VAR-202112-0259

Trust: 5.25

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Oct. 11, 2021, 10:59 a.m.
 Vulnerabilities: code execution, integer overflow, information leakage...
Affected productsExternal IDs
vendor: huawei model: emui
vendor: huawei model: huawei
db: NVD ids: CVE-2021-37056, CVE-2021-37044, CVE-2021-37103, CVE-2021-0695, CVE-2021-22370, CVE-2021-37047, CVE-2021-28375, CVE-2021-36995, CVE-2021-22319, CVE-2021-30294, CVE-2021-0644, CVE-2021-37117, CVE-2021-0639, CVE-2021-36985, CVE-2021-37114, CVE-2021-37040, CVE-2021-37045, CVE-2021-0690, CVE-2021-36994, CVE-2021-22326, CVE-2021-37097, CVE-2021-37118, CVE-2021-37120, CVE-2021-37051, CVE-2021-36997, CVE-2021-36999, CVE-2021-0693, CVE-2021-0515, CVE-2021-37014, CVE-2021-22485, CVE-2021-36986, CVE-2021-0574, CVE-2021-37092, CVE-2021-0514, CVE-2021-0680, CVE-2021-22475, CVE-2021-37050, CVE-2021-22491, CVE-2021-0573, CVE-2021-0689, CVE-2021-1961, CVE-2021-22460, CVE-2021-37093, CVE-2021-0685, CVE-2021-1957, CVE-2021-0688, CVE-2021-36989, CVE-2021-0519, CVE-2021-37042, CVE-2021-0577, CVE-2021-1941, CVE-2021-37075, CVE-2021-0576, CVE-2021-1958, CVE-2021-0683, CVE-2021-0686, CVE-2021-3347, CVE-2021-0595, CVE-2021-37041, CVE-2021-37020, CVE-2021-37113, CVE-2021-0571, CVE-2021-0681, CVE-2021-0682, CVE-2021-37052, CVE-2021-0684, CVE-2021-1948, CVE-2021-0592, CVE-2021-0513, CVE-2021-36991, CVE-2021-3506, CVE-2021-36990, CVE-2021-0598, CVE-2021-1974, CVE-2021-37054, CVE-2021-37013, CVE-2021-22488, CVE-2021-30290, CVE-2021-37119, CVE-2021-22420, CVE-2021-37049, CVE-2021-37038, CVE-2021-37121, CVE-2021-0687, CVE-2021-22489, CVE-2021-22455, CVE-2021-22481, CVE-2021-22469, CVE-2021-0585, CVE-2021-37021, CVE-2021-22374, CVE-2020-14381, CVE-2021-37111, CVE-2021-22345, CVE-2021-37053, CVE-2021-37011