VARIoT latest news about IoT security

The Security Vulnerabilities that Exist on Some of our Favorite IoT Devices - Firedome Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 27, 2021, 11:11 a.m.	Vulnerabilities: denial of service

Affected products	External IDs

Week in review: Realtek chips vulnerabilities, NAS devices under attack, security teams burnout - Help Net Security Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 20, 2021, 11:14 a.m.	Vulnerabilities: os command injection, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28372

NVD - CVE-2021-40114 Related entries in the VARIoT vulnerabilities database: VAR-202110-1353 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco systems	model:	firepower_threat_defense
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	firepower_management_center
vendor:	cisco	model:	firepower_threat_defense
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	series
vendor:	cisco	model:	firepower_management_center
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2021-40114

CVE-2021-40118 - CVE.report Related entries in the VARIoT vulnerabilities database: VAR-202110-1350 Trust: 6.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 7, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower threat defense

db:

NVD

ids:

CVE-2021-40118

Update your Apple device now: emergency security update released : TechWeb : Blog Archive : Boston University Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 29, 2021, 1:37 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

CVE-2021-40114 - CVE.report Related entries in the VARIoT vulnerabilities database: VAR-202110-1353 Trust: 5.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 7, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	series
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	firepower
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2021-40114

CVE - CVE-2021-1451 Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

vendor:	cisco systems	model:	catalyst
vendor:	cisco systems	model:	cisco catalyst 4500 series
vendor:	cisco systems	model:	catalyst 4500 series
vendor:	cisco systems	model:	catalyst 4500
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	ios xe software
vendor:	cisco systems	model:	ios xe
vendor:	cisco systems	model:	series switches
vendor:	cisco systems	model:	cisco ios xe
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	cisco ios
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	cisco catalyst 4500 series
vendor:	cisco	model:	catalyst 4500 series
vendor:	cisco	model:	catalyst 4500
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	series switches
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	series
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2021-1451

CVE-2021-34787 : A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Related entries in the VARIoT vulnerabilities database: VAR-202110-1354 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 27, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	adaptive security appliance

db:

NVD

ids:

CVE-2009-1234, CVE-2021-34787

Railway Communication Devices Made by Moxa Affected by 60 Vulnerabilities Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 2, 2021, 3:32 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

moxa

model:

moxa

TOP Free Hacking Tools used by Black Hat Hackers 2021 Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: April 25, 2021, midnight	Vulnerabilities: denial of service, session hijacking, sql injection...

Affected products

External IDs

vendor:	cisco	model:	information server
vendor:	cisco	model:	access points
vendor:	cisco	model:	routers
vendor:	novell	model:	client
vendor:	ring	model:	ring
vendor:	wireshark	model:	wireshark
vendor:	google	model:	wifi
vendor:	netbsd	model:	netbsd
vendor:	aircrack-ng	model:	aircrack-ng

Researchers say they've found a flaw exposing millions of devices' camera data and audio to hackers - Washington Times Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	google home
vendor:	home assistant	model:	assistant

CVE-2021-40114 : Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic tha Related entries in the VARIoT vulnerabilities database: VAR-202110-1353 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	series
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2009-1234, CVE-2021-40114

NVD - CVE-2021-1523 Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	series
vendor:	cisco	model:	nexus
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	cisco nexus 9000 series
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	nexus 9000
vendor:	cisco systems	model:	nexus 9000 series
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	nexus
vendor:	cisco systems	model:	nx-os
vendor:	cisco systems	model:	cisco nexus 9000 series
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	nexus 9000

db:

NVD

ids:

CVE-2021-1523

Apple patches ForcedEntry vulnerability used by spyware firm NSO Related entries in the VARIoT vulnerabilities database: VAR-202108-1057 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, midnight	Vulnerabilities: integer overflow, code execution

Affected products

External IDs

vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad
vendor:	apple	model:	watchos
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air

db:

NVD

ids:

CVE-2021-30860

Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program / Habr Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	wifi
vendor:	delegate	model:	delegate

db:

NVD

ids:

cve-2020-27937

Cybersecurity Vulnerability Could Affect Millions of Hikvision Cameras - Infosecurity Magazine Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 24, 2021, 10:30 a.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:

hikvision

model:

hikvision

What You Need To Know About New IoT Vulnerabilities - My TechDecisions Trust: 5.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: command injection, memory corruption

Affected products

External IDs

vendor:

realtek

model:

realtek sdk

Apple releases iOS 15.0.2 to fix two zero-day exploits - gHacks Tech News Related entries in the VARIoT vulnerabilities database: VAR-202108-2057 Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 14, 2021, 3:04 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone
vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2021-30883

IoT/connected device discovery and vulnerability assessment using IoTVAS API Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 4, 2022, midnight	Vulnerabilities: system crash, default credentials

Affected products

External IDs

vendor:

trend

model:

security

db:

NVD

ids:

CVE-2016-2148

FDA warns BlackBerry vulnerability may hit drug manufacturing, medical devices \| RAPS Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: integer overflow, denial of service

Affected products

External IDs

vendor:	blackberry	model:	blackberry
vendor:	mbed	model:	mbed

VARIoT news about IoT security