Sign-up

VARIoT news about IoT security

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution | New York State Office of Information Technology Services

Trust: 4.25

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Nov. 2, 2021, 3:42 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

Google squashes Android zero‑day bug exploited in targeted attacks | WeLiveSecurity

Related entries in the VARIoT vulnerabilities database: VAR-202111-0579, VAR-202111-0609

Trust: 4.5

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Nov. 4, 2021, 4:22 p.m.
 Vulnerabilities: information disclosure, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-1924, CVE-2021-1048, CVE-2021-0930, CVE-2021-0889, CVE-2021-0918, CVE-2021-1975

Critical vulnerabilities expose Cisco equipment to hijacking attacks - NewsBreak

Trust: 4.0

Fetched: Nov. 9, 2021, 12:59 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series switches
vendor: cisco model: catalyst
vendor: cisco model: series
db: NVD ids: CVE-2021-40113, CVE-2021-34795

Critical remote code execution vulnerability in Linux Kernel TIPC module affects millions of devices. Patch immediately

Trust: 3.25

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Nov. 4, 2021, 5:06 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Realtek vulnerabilities compromise hundreds of thousands of routers, IoT devices | TechRadar

Trust: 3.5

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Aug. 16, 2021, 3:19 p.m.
 Vulnerabilities: memory corruption, command injection
Affected productsExternal IDs
vendor: asus model: asus
vendor: realtek model: sdk
vendor: realtek model: realtek sdk

Cisco Nexus Insights Authenticated Information Disclosure Vulnerability

Trust: 5.25

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Sept. 1, 2021, 3:54 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: nexus

What’s the Most Vulnerable Device in Your Home? It’s Not What You Think

Trust: 3.0

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 10, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Analyzing Pegasus Spyware’s Zero-Click iPhone Exploit ForcedEntry

Related entries in the VARIoT vulnerabilities database: VAR-202108-1057, VAR-202010-1285

Trust: 4.75

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Sept. 15, 2021, midnight
 Vulnerabilities: integer overflow
Affected productsExternal IDs
vendor: apple model: iphone
db: NVD ids: CVE-2021-30860, CVE-2020-9883

Critical vulnerabilities expose Cisco equipment to hijacking attacks | TechRadar

Trust: 4.75

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Nov. 5, 2021, 1:28 p.m.
 Vulnerabilities: injection attack, command injection
Affected productsExternal IDs
vendor: cisco model: cisco policy suite
vendor: cisco model: series switches
vendor: cisco model: policy suite
vendor: cisco model: series
vendor: cisco model: catalyst
db: NVD ids: CVE-2021-34795, CVE-2021-40113, CVE-2021-40112

CVE-2021-36260: Remotely hacking and spying on Hikvision CCTV systems with this zero-click vulnerability

Trust: 4.25

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Sept. 21, 2021, 10 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hikvision model: hikvision
db: NVD ids: CVE-2021-36260

F5 Releases Critical Security Patch for BIG-IP and BIG-IQ Devices

Related entries in the VARIoT vulnerabilities database: VAR-202109-0778, VAR-202109-0783, VAR-202109-0779, VAR-202109-0777, VAR-202109-1883, VAR-202109-0535, VAR-202109-0782, VAR-202109-0532, VAR-202109-0534, VAR-202109-0780, VAR-202109-0781, VAR-202109-0776, VAR-202109-0533

Trust: 3.75

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Aug. 26, 2021, 11:51 a.m.
 Vulnerabilities: command execution, request forgery, privilege escalation...
Affected productsExternal IDs
db: NVD ids: CVE-2021-23029, CVE-2021-23034, CVE-2021-23030, CVE-2021-23028, CVE-2021-23025, CVE-2021-23037, CVE-2021-23033, CVE-2021-23026, CVE-2021-23036, CVE-2021-23031, CVE-2021-23032, CVE-2021-23027, CVE-2021-23035

Google Android August 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices - REAL security

Related entries in the VARIoT vulnerabilities database: VAR-202109-0210, VAR-202109-0211, VAR-202109-0212, VAR-202109-0377, VAR-202109-0374

Trust: 5.25

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Aug. 17, 2021, 6:05 a.m.
 Vulnerabilities: buffer overflow, information disclosure
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: huawei model: huawei
vendor: samsung model: mobile
vendor: samsung model: mobile devices
vendor: samsung model: samsung
db: NVD ids: CVE-2021-1916, CVE-2021-1920, CVE-2021-1919, CVE-2021-0519, CVE-2021-1972, CVE-2021-1976

What’s the Most Vulnerable Device in Your Home? It’s Not What You Think

Trust: 3.0

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 10, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

Security Advisories - Juniper Networks

Related entries in the VARIoT vulnerabilities database: VAR-202201-0633, VAR-202201-1488, VAR-202201-0895, VAR-202201-0630, VAR-202112-0566, VAR-202201-0627, VAR-202201-1560, VAR-202201-0631, VAR-202201-0628, VAR-202201-0632, VAR-202110-0410, VAR-202112-0562

Trust: 4.0

Fetched: Nov. 9, 2021, 12:59 p.m., Published: -
 Vulnerabilities: denial of service, memory leak, path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2022-22152, CVE-2022-22160, CVE-2021-4104, CVE-2022-22177, CVE-2022-22164, CVE-2022-22159, CVE-2021-44228, CVE-2022-22163, CVE-2022-22157, CVE-2022-22156, CVE-2022-22155, CVE-2022-22153, CVE-2021-42550, CVE-2022-22162, CVE-2022-22167, CVE-2022-22154, CVE-2022-22161, CVE-2021-31385, CVE-2021-45046

Zambia : Cyber Security decoded: understanding threats, vulnerabilities, and information security risks

Trust: 3.75

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 9, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: essential model: phone

CRITICAL VULNERABILITY AFFECTING MILLIONS OF IOT DEVICES USING THROUGHTEK’S KALAY NETWORK " Cyber Security

Trust: 3.0

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Aug. 20, 2021, 10:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-2837

How secure are your smart home devices? | World Economic Forum

Trust: 4.5

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Nov. 10, 2021, 4:45 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

A Vulnerability in SonicWall SMA 100 Series Could Allow for Arbitrary File Deletion

Trust: 4.5

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 7, 2022, 7:34 p.m.
 Vulnerabilities: improper access control, access control vulnerability, path traversal
Affected productsExternal IDs
vendor: sonicwall model: sma100
vendor: sonicwall model: sma 100

NVD - CVE-2021-34762

Related entries in the VARIoT vulnerabilities database: VAR-202110-1065

Trust: 4.0

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: firepower_management_center_virtual_appliance
vendor: cisco model: firepower_threat_defense
vendor: cisco model: sourcefire_defense_center
db: NVD ids: CVE-2021-34762

Lessons learned: How a severe vulnerability in the OWASP ModSecurity Core Rule Set sparked much-needed change | The Daily Swig

Trust: 3.0

Fetched: Nov. 9, 2021, 12:59 p.m., Published: Nov. 5, 2021, 3:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-35368