Sign-up

VARIoT news about IoT security

NVD - CVE-2021-34727

Trust: 5.25

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Oct. 13, 2021, midnight
 Vulnerabilities: buffer overflow, denial of service
Affected productsExternal IDs
vendor: cisco systems model: ios xe sd-wan software
vendor: cisco systems model: asr_1000
vendor: cisco systems model: cisco systems
vendor: cisco systems model: cisco ios xe
vendor: cisco systems model: ios xe
vendor: cisco systems model: cisco ios
vendor: cisco systems model: sd-wan
vendor: cisco model: ios xe sd-wan software
vendor: cisco model: asr_1000
vendor: cisco model: cisco systems
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: sd-wan
db: NVD ids: CVE-2021-34727

Vulnerability Discovered in Ubiquiti Inc. UniFi Protect Software

Related entries in the VARIoT vulnerabilities database: VAR-202108-0413

Trust: 3.75

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Sept. 2, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: ubiquiti model: unifi
db: NVD ids: CVE-2021-22944

CVE-2021-40117 - CVE.report

Related entries in the VARIoT vulnerabilities database: VAR-202110-1351

Trust: 6.0

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 7, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense
db: NVD ids: CVE-2021-40117

Microsoft November 2021 Patch Tuesday

Related entries in the VARIoT vulnerabilities database: VAR-202111-0697, VAR-202111-0473, VAR-202111-0789, VAR-202111-0660

Trust: 3.75

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 15, 2021, midnight
 Vulnerabilities: feature bypass, denial of service, information disclosure...
Affected productsExternal IDs
db: NVD ids: CVE-2021-41379, CVE-2021-42303, CVE-2021-42287, CVE-2021-41374, CVE-2021-26444, CVE-2021-41376, CVE-2021-38665, CVE-2021-42304, CVE-2021-42288, CVE-2021-42280, CVE-2021-42282, CVE-2021-36957, CVE-2021-42319, CVE-2021-40442, CVE-2021-42276, CVE-2021-42285, CVE-2021-41375, CVE-2021-42298, CVE-2021-42274, CVE-2021-41371, CVE-2021-41372, CVE-2021-41368, CVE-2021-41370, CVE-2021-43209, CVE-2021-41373, CVE-2021-42300, CVE-2021-42322, CVE-2021-41367, CVE-2021-42279, CVE-2021-42278, CVE-2021-42291, CVE-2021-42321, CVE-2021-26443, CVE-2021-42305, CVE-2021-42323, CVE-2021-42292, CVE-2021-42301, CVE-2021-41366, CVE-2021-41356, CVE-2021-43208, CVE-2021-42284, CVE-2021-38666, CVE-2021-41349, CVE-2021-42275, CVE-2021-42277, CVE-2021-42286, CVE-2021-41378, CVE-2021-41377, CVE-2021-42316, CVE-2021-3711, CVE-2021-42302, CVE-2021-42283, CVE-2021-38631, CVE-2021-41351, CVE-2021-42296

Patch Now: Cisco, CISA Sound The Alarm On Four Software Flaws - My TechDecisions

Related entries in the VARIoT vulnerabilities database: VAR-202111-0664

Trust: 4.5

Fetched: Nov. 22, 2021, 8:12 a.m., Published: -
 Vulnerabilities: command injection, denial of service
Affected productsExternal IDs
vendor: cisco model: cisco small business
vendor: cisco model: series
vendor: cisco model: series switches
vendor: cisco model: email security appliance
vendor: cisco model: 300 series managed switches
vendor: cisco model: asyncos software
vendor: cisco model: 200 series smart switches
vendor: cisco model: policy suite
vendor: cisco model: cisco email security appliance
vendor: cisco model: small business switches
vendor: cisco model: small business 500 series stackable managed switches
vendor: cisco model: small business series switches
vendor: cisco model: esw2 series advanced switches
vendor: cisco model: series smart switches
vendor: cisco model: series stackable managed switches
vendor: cisco model: 500 series stackable managed switches
vendor: cisco model: asyncos
vendor: cisco model: series managed switches
vendor: cisco model: cisco policy suite
vendor: cisco model: small business series
vendor: cisco model: small business
vendor: cisco model: small business 300 series managed switches
vendor: cisco model: cisco asyncos
vendor: cisco model: catalyst
db: NVD ids: CVE-2021-40119, CVE-2021-34741, CVE-2021-40112, CVE-2021-34739, CVE-2021-34795, CVE-2021-40113

New Windows update patches 55 bugs and major vulnerabilities

Trust: 3.25

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 11, 2021, 8 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Trend Micro Patches Critical Vulnerability in Server Protection Solution | SecurityWeek.Com

Trust: 5.75

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: novell model: netware
vendor: trend model: home network security
vendor: trend model: security
vendor: trend micro model: home network security
vendor: trend micro model: security
db: NVD ids: CVE-2021-36745

November Patch Tuesday drop fixes bugs in Excel, Exchange Server

Trust: 5.25

Fetched: Nov. 22, 2021, 8:12 a.m., Published: Nov. 10, 2021, midnight
 Vulnerabilities: security feature bypass, buffer overflow, memory corruption...
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-42292, CVE-2021-42270, CVE-2021-26855, CVE-2021-38666, CVE-2021-27065, CVE-2021-3711, CVE-2021-42316, CVE-2021-42321, CVE-2021-42298, CVE-2021-26443

Bluetooth Vulnerability: Arbitrary Code Execution On The ESP32, Among Others | Hackaday

Trust: 4.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 23, 2021, 11 a.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs

New series of Bluetooth vulnerabilities discovered that could put millions of Windows and Android devices worldwide in trouble - latest news today blogtuan.info

Trust: 4.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 15, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: optiplex
db: NVD ids: CVE-2021-28139

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 16, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

CVE - CVE-2021-34748

Related entries in the VARIoT vulnerabilities database: VAR-202110-0209

Trust: 5.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: injection attack, command injection
Affected productsExternal IDs
vendor: cisco systems model: cisco systems
vendor: cisco model: cisco systems
db: NVD ids: CVE-2021-34748

Mac Zero Day Targets Apple Devices in Hong Kong | Threatpost

Related entries in the VARIoT vulnerabilities database: VAR-202108-1374

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-30869

Critical RCE Vulnerability in Palo Alto Global Protect Firewall Affects Estimated 10,000 VPNs - Innovate Cybersecurity

Trust: 5.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: code execution, buffer overflow, memory corruption
Affected productsExternal IDs
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: palo alto networks globalprotect
vendor: paloaltonetworks model: networks globalprotect
vendor: paloaltonetworks model: networks
vendor: paloaltonetworks model: palo alto networks
vendor: paloaltonetworks model: pan-os
vendor: palo alto networks model: firewall
vendor: palo alto networks model: palo alto networks globalprotect
vendor: palo alto networks model: networks globalprotect
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
vendor: palo alto networks model: pan-os
vendor: palo model: firewall
vendor: palo model: palo alto networks globalprotect
vendor: palo model: networks globalprotect
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: palo model: pan-os
db: NVD ids: CVE-2021-3064

Critical security vulnerabilities put millions of healthcare devices at risk | TechRadar

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 10, 2021, 4:15 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: siemens model: nucleus

NVD - CVE-2021-42114

Trust: 3.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: dram model: dram
db: NVD ids: CVE-2021-42114

These cybersecurity vulnerabilities could leave millions of connected medical devices open to attack - The Latest Breaking News

Related entries in the VARIoT vulnerabilities database: VAR-202111-1605, VAR-202111-1616, VAR-202111-1604

Trust: 6.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 9, 2021, 3:32 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: siemens model: nucleus
db: NVD ids: CVE-2021-31886, CVE-2021-31888, CVE-2021-31887

Serious security vulnerabilities in DRAM memory devices - Tech Xplore - Business Telegraph

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 16, 2021, 1:37 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dram model: dram

Security Vulnerabilities fixed in Firefox ESR 78.15 - Mozilla

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: -
 Vulnerabilities: memory corruption
Affected productsExternal IDs

DSA-2021-152: Aktualizacja zabezpieczeń platformy klienckiej firmy Dell dotycząca luki w zabezpieczeniach niewystarczającej kontroli dostępu w sterowniku Dell DBUtilDrv2.sys | Dell Polska

Related entries in the VARIoT vulnerabilities database: VAR-202108-1843

Trust: 3.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: vostro 3670
vendor: dell model: latitude 5175
vendor: dell model: inspiron 3583
vendor: dell model: optiplex 5040
vendor: dell model: latitude 7280
vendor: dell model: latitude 7275
vendor: dell model: latitude 5580
vendor: dell model: precision 3530
vendor: dell model: vostro 3660
vendor: dell model: latitude 5420
vendor: dell model: vostro 3070
vendor: dell model: latitude 5288
vendor: dell model: latitude 5285
vendor: dell model: g5 5590
vendor: dell model: inspiron 3580
vendor: dell model: inspiron 3480
vendor: dell model: latitude 7490
vendor: dell model: latitude 3180
vendor: dell model: g7 7588
vendor: dell model: optiplex 7440 aio
vendor: dell model: optiplex 3046
vendor: dell model: latitude 7480
vendor: dell model: inspiron 7586
vendor: dell model: latitude 5491
vendor: dell model: vostro 3470
vendor: dell model: g7 7790
vendor: dell model: vostro 3581
vendor: dell model: optiplex 7760 aio
vendor: dell model: precision 7920
vendor: dell model: vostro 3267
vendor: dell model: latitude 3390
vendor: dell model: latitude e7470
vendor: dell model: optiplex xe3
vendor: dell model: optiplex 7060
vendor: dell model: latitude 3470
vendor: dell model: latitude
vendor: dell model: precision 3930
vendor: dell model: latitude 7370
vendor: dell model: precision 7820
vendor: dell model: latitude 5179
vendor: dell model: inspiron 5770
vendor: dell model: latitude 5490
vendor: dell model: inspiron 7472
vendor: dell model: inspiron 7380
vendor: dell model: inspiron 3268
vendor: dell model: precision 3420
vendor: dell model: precision 7530
vendor: dell model: precision 3520
vendor: dell model: inspiron 5570
vendor: dell model: latitude 3380
vendor: dell model: latitude e5270
vendor: dell model: g3 3779
vendor: dell model: latitude 3490
vendor: dell model: inspiron 3780
vendor: dell model: optiplex 5060
vendor: dell model: latitude 7290
vendor: dell model: latitude 3190
vendor: dell model: vostro 3268
vendor: dell model: latitude 3570
vendor: dell model: inspiron 3781
vendor: dell model: precision 3620
vendor: dell model: optiplex 3060
vendor: dell model: inspiron 5580
vendor: dell model: latitude 5480
vendor: dell model: inspiron 5481
vendor: dell model: latitude 3580
vendor: dell model: precision 5510
vendor: dell model: precision 5520
vendor: dell model: vostro 3669
vendor: dell model: vostro 5481
vendor: dell model: latitude 5488
vendor: dell model: precision 3430
vendor: dell model: optiplex 7050
vendor: dell model: vostro 3583
vendor: dell model: vostro 3580
vendor: dell model: chengming 3967
vendor: dell model: chengming
vendor: dell model: precision 3510
vendor: dell model: embedded box pc
vendor: dell model: inspiron 7386
vendor: dell model: latitude 3189
vendor: dell model: chengming 3980
vendor: dell model: wyse 7040
vendor: dell model: latitude 5590
vendor: dell model: vostro 3480
vendor: dell model: latitude 7389
vendor: dell model: optiplex 3040
vendor: dell model: inspiron 5482
vendor: dell model: inspiron 3668
vendor: dell model: precision 5530
vendor: dell model: precision 5820
vendor: dell model: precision 3630
vendor: dell model: g7 7590
vendor: dell model: latitude 5280
vendor: dell model: vostro 3584
vendor: dell model: precision 7520
vendor: dell model: optiplex 3050
vendor: dell model: optiplex 3050 aio
vendor: dell model: inspiron 3470
vendor: dell model: latitude 5290
vendor: dell model: latitude 7390
vendor: dell model: g5 5587
vendor: dell model: latitude e5570
vendor: dell model: inspiron 3481
vendor: dell model: inspiron 7580
vendor: dell model: chengming 3977
vendor: dell model: optiplex 7040
vendor: dell model: latitude 5289
vendor: dell model: latitude 5591
vendor: dell model: optiplex 5050
vendor: dell model: inspiron 3581
vendor: dell model: inspiron 5480
vendor: dell model: latitude e7270
vendor: dell model: embedded box pc 5000
vendor: dell model: wyse 5070
vendor: dell model: g3 3579
vendor: dell model: latitude 7380
vendor: dell model: vostro 3668
vendor: dell model: optiplex
vendor: dell model: vostro 5581
vendor: dell model: inspiron 3584
vendor: dell model: precision 5720 aio
vendor: dell model: inspiron 7786
vendor: dell model: precision 7720
vendor: dell model: vostro 3667
vendor: dell model: latitude 3590
vendor: dell model: bios
vendor: dell model: latitude 3480
vendor: dell model: xps 8900
vendor: dell model: latitude e5470
db: NVD ids: CVE-2021-36276