Sign-up

VARIoT news about IoT security

12-Year-Old Router Vulnerability Discovered Affecting Millions of Devices Exposing Serious Supply Chain Risks - CPO Magazine

Related entries in the VARIoT vulnerabilities database: VAR-202104-0768

Trust: 5.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 12, 2021, 2:46 a.m.
 Vulnerabilities: authentication bypass, path traversal
Affected productsExternal IDs
vendor: buffalo model: router
vendor: serve model: serve
db: NVD ids: CVE-2021-20090

Android Security Bulletin-November 2021 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202111-0521, VAR-202111-0579, VAR-202111-0609, VAR-202111-0602, VAR-202111-0608, VAR-202111-0611, VAR-202111-0603

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 15, 2021, midnight
 Vulnerabilities: use after free, denial of service, code execution...
Affected productsExternal IDs
vendor: motorola model: motorola
vendor: motorola model: android
vendor: samsung model: note
vendor: samsung model: notes
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: huawei model: huawei
vendor: broadcom model: broadcom
vendor: nokia model: nokia
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2021-30284, CVE-2021-0928, CVE-2021-1924, CVE-2021-0927, CVE-2021-0650, CVE-2021-0672, CVE-2021-1975, CVE-2021-1048, CVE-2021-1982, CVE-2021-1979, CVE-2021-0925, CVE-2021-30255, CVE-2021-1973, CVE-2021-0649, CVE-2021-0932, CVE-2021-0918, CVE-2021-0434, CVE-2021-0920, CVE-2021-0931, CVE-2021-0930, CVE-2021-0919, CVE-2021-1981, CVE-2021-0653, CVE-2021-1921, CVE-2021-0889, CVE-2021-30254

Newly Discovered IoT Vulnerability Could Threaten 83 Million Devices - Security Sales & Integration

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 17, 2021, 9:06 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable - LA Times Now

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 2, 2021, 4 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-28139

Device Vulnerabilities in the Connected Home

Related entries in the VARIoT vulnerabilities database: VAR-201505-0274

Trust: 6.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: command execution, command injection, buffer overflow...
Affected productsExternal IDs
vendor: realtek model: realtek sdk
vendor: d-link model: eyeon baby monitor
vendor: d-link model: dcs-825l
vendor: d-link model: router
vendor: buffalo model: wsr-300hp
vendor: buffalo model: router
vendor: trend micro model: security
vendor: trend micro model: home network security
vendor: dahua model: ptz camera
vendor: dahua model: camera
vendor: dahua model: ip camera
vendor: belkin model: router
vendor: trend model: security
vendor: trend model: home network security
db: NVD ids: CVE-2014-8361

Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection - 247 TECH

Related entries in the VARIoT vulnerabilities database: VAR-202108-2056

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2021-30892

Medtronic Recalls Insulin Pump Controller Due to Hacking Risk

Trust: 3.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 6, 2021, 9 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: medtronic model: paradigm
vendor: medtronic model: minimed 508
vendor: check point model: check point

device vulnerability - SPLICE

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: June 2, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: wireshark model: wireshark

Getting Potential Device Vulnerability Overview - Enterprise Mobility Manager 2.1.0 - WSO2 Documentation

Trust: 3.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: wso2 model: enterprise mobility manager

NVD - CVE-2021-34746

Related entries in the VARIoT vulnerabilities database: VAR-202109-0622

Trust: 4.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: cisco systems model: cisco systems
vendor: cisco model: cisco systems
db: NVD ids: CVE-2021-34746

IoT device security implications for the future

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 20, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs

TVD 2021

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight
 Vulnerabilities: command execution, information leakage
Affected productsExternal IDs
vendor: essential model: phone
vendor: rapid model: scada
vendor: google model: wifi
vendor: google model: home
vendor: google model: android

RCE Vulnerability in Hikvision Cameras (CVE-2021-36260) | CISA

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 29, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hikvision model: hikvision
db: NVD ids: CVE-2021-36260

Medical Device Vulnerability Alert Issued - HealthcareInfoSecurity

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 18, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Millions of Bluetooth-enabled devices vulnerable | Voice of CISO

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 3, 2021, 12:17 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-28139

Is Your Medical Device Vulnerability Management in Critical Condition

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 21, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

IT Security Standard: Vulnerability Assessment and Management - Information Security - Cal Poly, San Luis Obispo

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 5, 2021, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: serve model: serve

Bluetooth Devices Vulnerable to Attacks - ISSSource

Trust: 3.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 28, 2021, 8:54 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: asus model: asus

Mobile Application Security Threats and Vulnerabilities 2019: Mobile Device Security - Attacks Research

Related entries in the VARIoT vulnerabilities database: VAR-201611-0386

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: configuration vulnerability, session hijacking, cross-site scripting...
Affected productsExternal IDs
vendor: google model: android
vendor: google model: wi-fi router
vendor: alcatel model: operating system
vendor: apple model: icloud
db: NVD ids: CVE-2019-5765, CVE-2016-5195

Apple Patches New Zero-Day iOS Vulnerability Possibly Under Exploitation

Related entries in the VARIoT vulnerabilities database: VAR-202108-2057

Trust: 5.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 11, 2021, 7:50 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: iphone
db: NVD ids: CVE-2021-30883