VARIoT news about IoT security

Related entries in the VARIoT vulnerabilities database: VAR-202111-0579, VAR-202111-0609

Trust: 5.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 13, 2021, 8:26 p.m.
Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-1924, CVE-2021-0889, CVE-2021-42694, CVE-2021-22205, CVE-2021-43267, CVE-2021-42574, CVE-2021-0930, CVE-2021-1975, CVE-2021-1048, CVE-2021-0918
Related entries in the VARIoT vulnerabilities database: VAR-202104-0612, VAR-201912-0480, VAR-202108-1374

Trust: 3.25

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 15, 2021, midnight
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-1789, CVE-2019-8506, CVE-2021-30869

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 21, 2021, 3:17 p.m.
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-39246

Trust: 3.75

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 30, 2021, 5:20 p.m.
Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2021-39237, CVE-2021-39238

Trust: 4.75

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 4, 2021, 4:26 a.m.
Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: d-link model: router
vendor: asus model: asus
vendor: asus model: router
vendor: tp-link model: routers
vendor: netgear model: router

Trust: 3.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 7, 2021, midnight
Vulnerabilities: information disclosure, denial of service
Affected productsExternal IDs
vendor: essential model: phone

Trust: 4.75

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Sept. 25, 2021, 8:33 a.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: serve model: serve

Trust: 3.25

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 7, 2021, 8:02 p.m.
Vulnerabilities: code execution, encryption issue
Affected productsExternal IDs
vendor: cisco model: small business
vendor: cisco model: webex
vendor: cisco model: cisco webex
vendor: cisco model: series
vendor: cisco model: meeting
vendor: check point model: check point
vendor: zoom model: zoom client
vendor: zoom model: zoom
vendor: zoom model: client
vendor: trend micro model: antivirus
vendor: trend micro model: security
vendor: trend model: antivirus
vendor: trend model: security
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: iphone
vendor: google model: chrome os
vendor: google model: home
vendor: google model: chrome
vendor: google model: android

Trust: 3.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 12, 2021, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: hitachi model: ops center analyzer viewpoint
vendor: hitachi model: hitachi global link manager
vendor: hitachi model: ops center common services
vendor: hitachi model: tuning manager
vendor: hitachi model: hitachi compute systems manager
vendor: hitachi model: hitachi device manager
vendor: hitachi model: device manager
vendor: hitachi model: hitachi tiered storage manager
vendor: hitachi model: compute systems manager
vendor: hitachi model: hitachi tuning manager
vendor: hitachi model: hitachi replication manager
vendor: hitachi model: tiered storage manager
vendor: hitachi model: hitachi infrastructure analytics advisor
vendor: hitachi model: replication manager
vendor: hitachi model: hitachi ops center common services
vendor: hitachi model: infrastructure analytics advisor
vendor: hitachi model: global link manager
vendor: hitachi model: hitachi ops center analyzer viewpoint
db: NVD ids: CVE-2021-2369, CVE-2021-2341, CVE-2021-2388
Related entries in the VARIoT vulnerabilities database: VAR-202111-1603

Trust: 4.75

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 2, 2021, 4:50 p.m.
Vulnerabilities: memory leak
Affected productsExternal IDs
vendor: mageia.org model: mageia
vendor: mageia model: mageia
db: NVD ids: CVE-2021-43400, CVE-2021-41229
Related entries in the VARIoT vulnerabilities database: VAR-202110-1796

Trust: 5.75

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 23, 2021, 1:51 p.m.
Vulnerabilities: denial of service, buffer overflow
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
db: NVD ids: CVE-2021-34704

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 24, 2021, 11 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei

Trust: 3.25

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 19, 2021, midnight
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: cve-2021-42321, CVE-2021-21980, CVE-2021-44077, CVE-2021-43527, cve-2021-0673, cve-2021-41277, cve-2021-39237, cve-2021-0663, cve-2021-44077, CVE-2021-0663, CVE-2021-0662, CVE-2021-41277, cve-2021-43267, cve-2021-0146, CVE-2021-42321, cve-2021-21980, cve-2021-0661, CVE-2021-0661, cve-2021-39238, CVE-2021-39237, CVE-2021-0146, cve-2021-0662, cve-2021-43527, CVE-2021-43267

Trust: 5.25

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 14, 2021, midnight
Vulnerabilities: information disclosure, arbitrary command execution, improper validation...
Affected productsExternal IDs
vendor: trend model: security
vendor: siemens model: scalance w1750d
vendor: siemens model: talon tc compact
vendor: siemens model: simatic wincc
vendor: siemens model: apogee pxc modular
vendor: siemens model: wincc
vendor: siemens model: scalance
vendor: siemens model: talon tc
vendor: siemens model: nucleus
vendor: siemens model: apogee mec
vendor: siemens model: apogee mbc
vendor: siemens model: nucleus rtos
vendor: siemens model: apogee pxc compact
vendor: siemens model: simatic pcs
vendor: siemens model: apogee pxc
vendor: siemens model: w1750d
vendor: siemens model: talon tc modular
vendor: siemens model: simatic
vendor: siemens model: pcs 7
vendor: siemens model: simatic pcs 7
vendor: aruba model: instant
vendor: aruba model: aruba instant
vendor: trend micro model: security
db: NVD ids: CVE-2021-37735, CVE-2021-42015, CVE-2021-41535, CVE-2021-31884, CVE-2021-31345, CVE-2021-31888, CVE-2021-37732, CVE-2021-42026, CVE-2021-37730, CVE-2021-31881, CVE-2021-42025, CVE-2021-40358, CVE-2021-37726, CVE-2021-31344, CVE-2021-31886, CVE-2021-40359, CVE-2021-31346, CVE-2021-31885, CVE-2021-37734, CVE-2021-31882, CVE-2021-41538, CVE-2021-40366, CVE-2021-37727, CVE-2021-31887, CVE-2021-31889, CVE-2021-40364, CVE-2021-37207, CVE-2021-31883, CVE-2021-31890

Trust: 3.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 8, 2022, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: solarwinds model: serv-u

Trust: 5.0

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 25, 2021, 12:43 p.m.
Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2021-0661, CVE-2021-0662, CVE-2021-0673, CVE-2021-0663

Trust: 3.75

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Nov. 8, 2021, 6:38 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: rapid model: scada

Trust: 4.5

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Jan. 14, 2022, 1:10 p.m.
Vulnerabilities: authentication bypass, request forgery, cross-site request forgery
Affected productsExternal IDs
vendor: dlink model: router
vendor: dlink model: dir-615
vendor: d-link model: router
vendor: d-link model: dir-615
Related entries in the VARIoT vulnerabilities database: VAR-202109-0846

Trust: 3.25

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 28, 2021, midnight
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-33716

Trust: 4.75

Fetched: Dec. 6, 2021, 2:33 p.m., Published: Dec. 3, 2021, 5:24 a.m.
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo alto networks model: palo alto networks
vendor: palo alto networks model: networks
vendor: palo model: palo alto networks
vendor: palo model: networks
vendor: zoho model: manageengine servicedesk plus
vendor: zoho model: manageengine adselfservice plus
vendor: solarwinds model: serv-u
db: NVD ids: CVE-2021-44077, CVE-2021-40539