VARIoT latest news about IoT security

Column - Destigmatizing Medical Device Vulnerability Disclosures to Improve Healthcare Cybersecurity - MedTech Intelligence Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

serve

model:

serve

db:

ICS CERT

ids:

ICSMA-20-049-02, ICSMA-20-023-01

New IoT Device Vulnerability Announced Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28372

Critical Vulnerability Affects Millions of IoT Devices Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 17, 2021, 8:45 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28372

New BrakTooth Vulnerabilities has affected billion of Bluetooth devices around the world - Craffic Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 7, 2021, 1:26 p.m.	Vulnerabilities: code execution

Affected products	External IDs

Exploitation of the CVE-2021-40444 vulnerability in MSHTML \| Securelist Related entries in the VARIoT vulnerabilities database: VAR-202107-1010, VAR-202106-0639, VAR-202109-1909 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-34527, CVE-2021-1675, CVE-2021-40444

Are your IoT devices leaving you vulnerable to cyberattacks? - INTRUSION Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 13, 2021, 6:51 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

home

Multiple Vulnerabilities Fix Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2020-28050

Vulnerability Database Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

db:

NVD

ids:

CVE-2021-43350

November Related entries in the VARIoT vulnerabilities database: VAR-202103-0287, VAR-202105-1432, VAR-202110-1864, VAR-202111-1769, VAR-202112-0354, VAR-202110-1869, VAR-202105-0585, VAR-202105-1431, VAR-202110-1487, VAR-202111-1766, VAR-202111-1764, VAR-202112-0345, VAR-202105-1477, VAR-202111-1768, VAR-202012-1546, VAR-202112-0224, VAR-202112-0344, VAR-202110-1499, VAR-202105-0257, VAR-202110-1865, VAR-202111-1765, VAR-202110-1134, VAR-202111-1770, VAR-202006-0946, VAR-202105-1428, VAR-202111-1767, VAR-202109-0009, VAR-202111-1763, VAR-202110-1119, VAR-202110-1133, VAR-202110-1851, VAR-202012-1547, VAR-202105-0449 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 9, 2021, 11:12 a.m.	Vulnerabilities: code execution, input verification vulnerability, directory traversal

Affected products

External IDs

vendor:	huawei	model:	hisuite
vendor:	huawei	model:	emui
vendor:	huawei	model:	huawei

db:

NVD

ids:

CVE-2020-27825, CVE-2021-0643, CVE-2020-35508, CVE-2021-0706, CVE-2020-24587, CVE-2021-0129, CVE-2021-37125, CVE-2021-39974, CVE-2021-0703, CVE-2021-0937, CVE-2021-37039, CVE-2021-31916, CVE-2021-0870, CVE-2021-0935, CVE-2021-32399, CVE-2021-39978, CVE-2021-1891, CVE-2020-25641, CVE-2020-24588, CVE-2020-12352, CVE-2021-1967, CVE-2021-29647, CVE-2021-36988, CVE-2021-27666, CVE-2021-39966, CVE-2021-39967, CVE-2021-37069, CVE-2020-25656, CVE-2021-0651, CVE-2020-26146, CVE-2020-14314, CVE-2021-39973, CVE-2020-29661, CVE-2021-37096, CVE-2021-0708, CVE-2021-37074, CVE-2020-27786, CVE-2021-22481, CVE-2020-26145, CVE-2021-37126, CVE-2019-25045, CVE-2020-17541, CVE-2021-37112, CVE-2021-0483, CVE-2021-0936, CVE-2021-0702, CVE-2021-1977, CVE-2021-39969, CVE-2020-15358, CVE-2020-26141, CVE-2021-30305, CVE-2021-3564, CVE-2021-0691, CVE-2019-20934, CVE-2021-1969, CVE-2021-37133, CVE-2021-1966, CVE-2020-11264, CVE-2020-24490, CVE-2021-37118, CVE-2021-0705, CVE-2021-30306, CVE-2021-0941, CVE-2021-1980, CVE-2021-37110, CVE-2020-29660, CVE-2021-0652, CVE-2021-1927

November Related entries in the VARIoT vulnerabilities database: VAR-202103-0287, VAR-202105-1432, VAR-202110-1864, VAR-202111-1769, VAR-202112-0354, VAR-202110-1869, VAR-202105-0585, VAR-202105-1431, VAR-202110-1487, VAR-202111-1766, VAR-202111-1764, VAR-202112-0345, VAR-202105-1477, VAR-202111-1768, VAR-202012-1546, VAR-202112-0224, VAR-202112-0344, VAR-202110-1499, VAR-202105-0257, VAR-202110-1865, VAR-202111-1765, VAR-202110-1134, VAR-202111-1770, VAR-202006-0946, VAR-202105-1428, VAR-202111-1767, VAR-202109-0009, VAR-202111-1763, VAR-202110-1119, VAR-202110-1133, VAR-202110-1851, VAR-202012-1547, VAR-202105-0449 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 8, 2021, 10:30 a.m.	Vulnerabilities: code execution, input verification vulnerability, directory traversal

Affected products

External IDs

vendor:	huawei	model:	hisuite
vendor:	huawei	model:	emui
vendor:	huawei	model:	huawei

db:

NVD

ids:

CVE-2020-27825, CVE-2021-0643, CVE-2020-35508, CVE-2021-0706, CVE-2020-24587, CVE-2021-0129, CVE-2021-37125, CVE-2021-39974, CVE-2021-0703, CVE-2021-0937, CVE-2021-37039, CVE-2021-31916, CVE-2021-0870, CVE-2021-0935, CVE-2021-32399, CVE-2021-39978, CVE-2021-1891, CVE-2020-25641, CVE-2020-24588, CVE-2020-12352, CVE-2021-1967, CVE-2021-29647, CVE-2021-36988, CVE-2021-27666, CVE-2021-39966, CVE-2021-39967, CVE-2021-37069, CVE-2020-25656, CVE-2021-0651, CVE-2020-26146, CVE-2020-14314, CVE-2021-39973, CVE-2020-29661, CVE-2021-37096, CVE-2021-0708, CVE-2021-37074, CVE-2020-27786, CVE-2021-22481, CVE-2020-26145, CVE-2021-37126, CVE-2019-25045, CVE-2020-17541, CVE-2021-37112, CVE-2021-0483, CVE-2021-0936, CVE-2021-0702, CVE-2021-1977, CVE-2021-39969, CVE-2020-15358, CVE-2020-26141, CVE-2021-30305, CVE-2021-3564, CVE-2021-0691, CVE-2019-20934, CVE-2021-1969, CVE-2021-37133, CVE-2021-1966, CVE-2020-11264, CVE-2020-24490, CVE-2021-37118, CVE-2021-0705, CVE-2021-30306, CVE-2021-0941, CVE-2021-1980, CVE-2021-37110, CVE-2020-29660, CVE-2021-0652, CVE-2021-1927

NVD - CVE-2021-34793 Related entries in the VARIoT vulnerabilities database: VAR-202110-1376 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco systems	model:	cisco adaptive security appliance
vendor:	cisco systems	model:	asa_5545-x_firmware
vendor:	cisco systems	model:	firepower
vendor:	cisco systems	model:	firepower_threat_defense
vendor:	cisco systems	model:	asa_5580
vendor:	cisco systems	model:	asa_5505_firmware
vendor:	cisco systems	model:	asa_5555-x_firmware
vendor:	cisco systems	model:	asa_5585-x
vendor:	cisco systems	model:	firepower threat defense
vendor:	cisco systems	model:	asa_5580_firmware
vendor:	cisco systems	model:	adaptive security appliance
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	adaptive_security_appliance
vendor:	cisco systems	model:	asa_5585-x_firmware
vendor:	cisco systems	model:	asa_5525-x_firmware
vendor:	cisco systems	model:	asa_5505
vendor:	cisco systems	model:	asa_5512-x_firmware
vendor:	cisco systems	model:	asa_5515-x_firmware
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	asa_5545-x_firmware
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower_threat_defense
vendor:	cisco	model:	asa_5580
vendor:	cisco	model:	asa_5505_firmware
vendor:	cisco	model:	asa_5555-x_firmware
vendor:	cisco	model:	asa_5585-x
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	asa_5580_firmware
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	adaptive_security_appliance
vendor:	cisco	model:	asa_5585-x_firmware
vendor:	cisco	model:	asa_5525-x_firmware
vendor:	cisco	model:	asa_5505
vendor:	cisco	model:	asa_5512-x_firmware
vendor:	cisco	model:	asa_5515-x_firmware

db:

NVD

ids:

CVE-2021-34793

Vulnerability Assessment API - Carbon Black Developer Network Related entries in the VARIoT vulnerabilities database: VAR-202008-0248 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 2, 2022, midnight	Vulnerabilities: directory traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2020-1472, CVE-0001-001, CVE-2007-4559, CVE-2014-4650, CVE-2001-1267, CVE-2020-1350

Apple releases patches for Catalina and iOS 12.5.5 vulnerabilities Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	macos
vendor:	apple	model:	ipod touch
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air

CVE - CVE-2021-1499 Related entries in the VARIoT vulnerabilities database: VAR-202105-0617 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco systems	model:	hyperflex
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	cisco hyperflex
vendor:	cisco systems	model:	hyperflex hx data platform
vendor:	cisco	model:	hyperflex
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	cisco hyperflex
vendor:	cisco	model:	hyperflex hx data platform

db:

NVD

ids:

CVE-2021-1499

All PrintNightmare Vulnerabilities Fixed Related entries in the VARIoT vulnerabilities database: VAR-202107-1010 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 15, 2021, 11:04 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-34527, CVE-2021-36958

Export software vulnerabilities assessment per device \| Microsoft Docs Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 2, 2021, 6:37 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

db:

NVD

ids:

CVE-2020-16011, CVE-2020-26971

Cybersecurity Vulnerabilities Affecting Medtronic Implantable Cardiac Devices, Programmers, and Home Monitors: FDA Safety Communication \| FDA Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	medtronic	model:	carelink monitor
vendor:	medtronic	model:	concerto ii crt-d
vendor:	medtronic	model:	nayamed nd icd
vendor:	medtronic	model:	virtuoso ii icd
vendor:	medtronic	model:	secura icd
vendor:	medtronic	model:	concerto crt-d
vendor:	medtronic	model:	carelink 2090 programmer
vendor:	medtronic	model:	maximo ii crt-d
vendor:	medtronic	model:	encore programmer
vendor:	medtronic	model:	viva crt-d
vendor:	medtronic	model:	virtuoso icd
vendor:	medtronic	model:	evera icd
vendor:	medtronic	model:	mycarelink monitor
vendor:	medtronic	model:	visia af icd
vendor:	medtronic	model:	carelink 2090
vendor:	medtronic	model:	carelink programmer
vendor:	medtronic	model:	protecta crt-d
vendor:	medtronic	model:	consulta crt-d

Microsoft Fixes 4 Critical Vulnerabilities in Windows 7 Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 10, 2021, 7:22 p.m.	Vulnerabilities: code execution, memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2021-34481, CVE-2021-34480, CVE-2021-34535, CVE-2021-36936, CVE-2021-26424

Weaknesses in health care system and device security - Pinnacle Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

Cybersecurity \| FDA Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 22, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	blackberry	model:	playbook
vendor:	blackberry	model:	blackberry
vendor:	blackberry	model:	link
vendor:	hospira	model:	lifecare pca3
vendor:	medtronic	model:	paradigm

VARIoT news about IoT security