Sign-up

VARIoT news about IoT security

CVE - CVE-2021-40117

Related entries in the VARIoT vulnerabilities database: VAR-202110-1351

Trust: 5.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco systems model: adaptive security appliance
vendor: cisco systems model: cisco systems
vendor: cisco systems model: cisco adaptive security appliance
vendor: cisco systems model: firepower
vendor: cisco systems model: firepower threat defense
vendor: cisco model: adaptive security appliance
vendor: cisco model: cisco systems
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense
db: NVD ids: CVE-2021-40117

Medical Device Cybersecurity

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 5, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Lights, Cameras…Vulnerabilities? Rise of Non-Business IoT Devices Putting North American Corporate Networks At Risk | Nachricht | finanzen.net

Trust: 4.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: networks
vendor: paloaltonetworks model: palo alto networks
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
db: POSIVITIVE TECHNOLOGY ids: ID:10

Netgear Patches Code Execution Vulnerability Affecting Many Products | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202111-0632

Trust: 5.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: netgear model: netgear router
vendor: netgear model: netgear router firmware
vendor: netgear model: router
db: NVD ids: CVE-2021-34991

13 critical Nucleus TCP/IP flaws pose denial-of-service risk to medical devices

Related entries in the VARIoT vulnerabilities database: VAR-202103-0365

Trust: 4.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 15, 2021, 12:20 p.m.
 Vulnerabilities: code execution, improper validation
Affected productsExternal IDs
vendor: siemens model: nucleus net
vendor: siemens model: nucleus
db: NVD ids: CVE-2016-20009

Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260) | Watchful_IP

Trust: 6.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 18, 2021, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: hikvision model: camera
vendor: hikvision model: hikvision
db: NVD ids: CVE-2021-36260

NVD - CVE-2021-1611

Trust: 5.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Oct. 7, 2021, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: catalyst
vendor: cisco model: wireless controller
vendor: cisco model: series
vendor: cisco model: catalyst 9800
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco systems
vendor: cisco model: series switches
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco systems model: catalyst
vendor: cisco systems model: wireless controller
vendor: cisco systems model: series
vendor: cisco systems model: catalyst 9800
vendor: cisco systems model: cisco ios xe
vendor: cisco systems model: cisco systems
vendor: cisco systems model: series switches
vendor: cisco systems model: ios xe
vendor: cisco systems model: cisco ios
db: NVD ids: CVE-2021-1611

Apple Patches Vulnerabilities in iOS Exploited by Spyware | eSecurityPlanet

Related entries in the VARIoT vulnerabilities database: VAR-202108-1057

Trust: 4.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 15, 2021, 12:18 a.m.
 Vulnerabilities: integer overflow, code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: watch
vendor: apple model: ipad
db: NVD ids: CVE-2021-30860

Intel Vulnerabilities: Bios Bugs Put Cars, Laptops, Devices at Risk to Hackers - MSSP Alert

Related entries in the VARIoT vulnerabilities database: VAR-202111-1193

Trust: 4.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 16, 2021, 2:07 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tesla model: model 3
vendor: tesla model: model
db: NVD ids: CVE-2021-0158

NVD - CVE-2021-1588

Trust: 5.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: -
 Vulnerabilities: process crash, denial of service
Affected productsExternal IDs
vendor: cisco model: nexus_3000
vendor: cisco model: cisco nx-os
vendor: cisco model: nx-os
vendor: cisco model: nexus_3048
vendor: cisco model: nx-os software
vendor: cisco model: cisco systems
vendor: cisco systems model: nexus_3000
vendor: cisco systems model: cisco nx-os
vendor: cisco systems model: nx-os
vendor: cisco systems model: nexus_3048
vendor: cisco systems model: nx-os software
vendor: cisco systems model: cisco systems
db: NVD ids: CVE-2021-1588

5XX Level Error

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Nov. 9, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability - Microsoft Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 4.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 15, 2021, 11:40 p.m.
 Vulnerabilities: code execution, path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2021-40444

CVE - CVE-2021-34787

Related entries in the VARIoT vulnerabilities database: VAR-202110-1354

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco systems model: cisco adaptive security appliance
vendor: cisco systems model: cisco systems
vendor: cisco systems model: firepower threat defense
vendor: cisco systems model: firepower
vendor: cisco systems model: adaptive security appliance
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: cisco systems
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: adaptive security appliance
db: NVD ids: CVE-2021-34787

DSA-2021-217: Dell Wyse Device Agent for Windows 10 IoT Enterprise Security Update for an OpenSSL Vulnerability | Dell Polska

Trust: 3.5

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Feb. 17, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: wyse 7040
vendor: dell model: wyse 5070
db: NVD ids: CVE-2021-3712
db: DEBIAN ids: DSA-2021

Intel CPU flaw could enable hackers to attack PCs, cars, and medical devices | IT PRO

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-0146

Watchdog: Cyber arms dealer exploits Apple iPhone software weakness

Trust: 3.25

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 13, 2021, 8:13 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Apple Zero-Day: Update Your iPhone, iPad, Mac, and MORE with the Emergency Patch Immediately | Tech Times

Trust: 3.75

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 13, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: watch
vendor: apple model: ipad
vendor: apple model: imac
vendor: apple model: ipod touch
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: iphone

This new Android spyware masquerades as legitimate apps - TechCrunch

Trust: 3.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Best-selling router ships with vulnerable firmware

Trust: 5.0

Fetched: Nov. 18, 2021, 2:22 p.m., Published: Sept. 2, 2021, 2:44 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: tp-link model: archer c50