Sign-up

VARIoT news about IoT security

Log4j: what you need to know | Allot's Network Security & IoT Blog for CSPs & Enterprises

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 21, 2021, 1:21 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

20th December - Threat Intelligence Report - Check Point Research

Related entries in the VARIoT vulnerabilities database: VAR-202112-2487, VAR-202112-2486, VAR-202112-0566, VAR-202106-1091, VAR-201906-0768

Trust: 5.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 20, 2021, 10:05 a.m.
 Vulnerabilities: command execution, code execution, privilege elevation
Affected productsExternal IDs
vendor: orange model: web server
vendor: check point model: check point
vendor: lenovo model: system
vendor: lenovo model: updates
vendor: google model: home
db: NVD ids: CVE-2021-3969, CVE-2021-3922, CVE-2021-44228, CVE-2021-35941, CVE-2018-18472

VMware ESXi 7 users vulnerable to hypervisor takeover bug

Trust: 3.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 10, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-22045

NVD - CVE-2021-20173

Related entries in the VARIoT vulnerabilities database: VAR-202112-2044

Trust: 5.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: netgear model: r6700_firmware
vendor: netgear model: r6700
db: NVD ids: CVE-2021-20173

Security Notice Regarding Log4 Shell Exploit - DTEN Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 21, 2021, 5:29 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

doorLock - "A persistent denial of service vulnerability affecting iOS 15.2 - iOS 14.7 (and likely through 14.0), triggered via HomeKit" | HUP

Trust: 3.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs

Microsoft launches new Defender capabilities for fixing Log4j | VentureBeat

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011

Trust: 4.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 28, 2021, 5:09 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2021-44832

Data Theorem Releases Critical Insight into Log4Shell Vulnerability to Assist Security Teams in Addressing the Exploit | Business Wire

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 23, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-44228

Dotdigital's response to the Log4j vulnerability - CVE-2021-44228 (Log4Shell) - Dotdigital Help Centre

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

New iOS vulnerability DoS bug revealed - IT Security Guru

Trust: 5.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 4, 2022, 12:12 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad

The Top 10 Most Severe Vulnerabilities In 2021

Related entries in the VARIoT vulnerabilities database: VAR-202103-0654, VAR-202112-0566, VAR-202106-0639, VAR-202007-0079, VAR-202103-0961, VAR-201906-0815, VAR-202103-0965, VAR-202008-0193, VAR-202103-0655, VAR-202107-1010

Trust: 4.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 10, 2022, midnight
 Vulnerabilities: configuration bug, path traversal, code execution...
Affected productsExternal IDs
vendor: pulse secure model: pulse connect secure
vendor: pulse secure model: connect secure
vendor: trend model: security
db: NVD ids: CVE-2021-26855, CVE-2021-22986, CVE-2021-31207, CVE-2021-34523, CVE-2021-22893, CVE-2021-22894, CVE-2021-44228, CVE-2020-8260, CVE-2021-1675, CVE-2020-12812, CVE-2021-22899, CVE-2021-22992, CVE-2021-34473, CVE-2018-13379, CVE-2021-22991, CVE-2021-27065, CVE-2021-21972, CVE-2021-26857, CVE-2019-5591, CVE-2021-26858, CVE-2021-21985, CVE-2021-22937, CVE-2021-22900, CVE-2021-22987, CVE-2021-34527

Security Alert Log4j Update #1 Dated 12.17.21

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 20, 2021, 10:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
vendor: check point model: security gateway
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
vendor: broadcom model: broadcom
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Malsmoke targets nine-year-old Windows vulnerability - Tech Monitor

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 4.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 6, 2022, 5:50 p.m.
 Vulnerabilities: signature validation vulnerability
Affected productsExternal IDs
vendor: palo alto networks model: palo alto networks
vendor: palo alto networks model: networks
vendor: check point model: check point
vendor: palo model: palo alto networks
vendor: palo model: networks
db: NVD ids: CVE-2021-40444

Details Released on SonicWall Flaws in SMA-100 Devices

Related entries in the VARIoT vulnerabilities database: VAR-202112-0361

Trust: 4.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 11, 2022, 7:05 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: sma 100
vendor: sonicwall model: secure mobile access
db: NVD ids: CVE-2021-20038

Data Theorem Releases Critical Insight into Log4Shell Vulnerability to Assist Security Teams in Addressing the Exploit - My TechDecisions

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-44228

Microsoft investigating Defender issue with Log4j scanner | VentureBeat

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011

Trust: 4.75

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 29, 2021, 3:34 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2021-44832

Dell Windows drivers still vulnerable to kernel attacks | Born's Tech and Windows World

Related entries in the VARIoT vulnerabilities database: VAR-202105-0569

Trust: 5.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 19, 2021, 10 a.m.
 Vulnerabilities: privilege escalation, access control vulnerability, privilege elevation
Affected productsExternal IDs
vendor: dell model: idrac8
vendor: dell model: bios
db: NVD ids: CVE-2021-21551

Threats to Smart Home Security and How to Counter Them

Trust: 3.5

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Dec. 28, 2021, 5:35 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google home
vendor: google model: home

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Trust: 4.25

Fetched: Jan. 14, 2022, 11:48 a.m., Published: Jan. 7, 2022, 7:33 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

Security Advisory for Post-Authentication Command Injection on D6220, PSV-2021-0200 | Answer | NETGEAR Support

Trust: 5.0

Fetched: Jan. 14, 2022, 11:48 a.m., Published: -
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: netgear model: d6220
vendor: netgear model: orbi