VARIoT latest news about IoT security

NVD - CVE-2021-34793 Related entries in the VARIoT vulnerabilities database: VAR-202110-1376 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco systems	model:	cisco adaptive security appliance
vendor:	cisco systems	model:	asa_5545-x_firmware
vendor:	cisco systems	model:	firepower
vendor:	cisco systems	model:	firepower_threat_defense
vendor:	cisco systems	model:	asa_5580
vendor:	cisco systems	model:	asa_5505_firmware
vendor:	cisco systems	model:	asa_5555-x_firmware
vendor:	cisco systems	model:	asa_5585-x
vendor:	cisco systems	model:	firepower threat defense
vendor:	cisco systems	model:	asa_5580_firmware
vendor:	cisco systems	model:	adaptive security appliance
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	adaptive_security_appliance
vendor:	cisco systems	model:	asa_5585-x_firmware
vendor:	cisco systems	model:	asa_5525-x_firmware
vendor:	cisco systems	model:	asa_5505
vendor:	cisco systems	model:	asa_5512-x_firmware
vendor:	cisco systems	model:	asa_5515-x_firmware
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	asa_5545-x_firmware
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower_threat_defense
vendor:	cisco	model:	asa_5580
vendor:	cisco	model:	asa_5505_firmware
vendor:	cisco	model:	asa_5555-x_firmware
vendor:	cisco	model:	asa_5585-x
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	asa_5580_firmware
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	adaptive_security_appliance
vendor:	cisco	model:	asa_5585-x_firmware
vendor:	cisco	model:	asa_5525-x_firmware
vendor:	cisco	model:	asa_5505
vendor:	cisco	model:	asa_5512-x_firmware
vendor:	cisco	model:	asa_5515-x_firmware

db:

NVD

ids:

CVE-2021-34793

Vulnerability Assessment API - Carbon Black Developer Network Related entries in the VARIoT vulnerabilities database: VAR-202008-0248 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 2, 2022, midnight	Vulnerabilities: directory traversal

Affected products

External IDs

db:

NVD

ids:

CVE-2020-1472, CVE-0001-001, CVE-2007-4559, CVE-2014-4650, CVE-2001-1267, CVE-2020-1350

Apple releases patches for Catalina and iOS 12.5.5 vulnerabilities Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	macos
vendor:	apple	model:	ipod touch
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air

CVE - CVE-2021-1499 Related entries in the VARIoT vulnerabilities database: VAR-202105-0617 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco systems	model:	hyperflex
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	cisco hyperflex
vendor:	cisco systems	model:	hyperflex hx data platform
vendor:	cisco	model:	hyperflex
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	cisco hyperflex
vendor:	cisco	model:	hyperflex hx data platform

db:

NVD

ids:

CVE-2021-1499

All PrintNightmare Vulnerabilities Fixed Related entries in the VARIoT vulnerabilities database: VAR-202107-1010 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 15, 2021, 11:04 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-34527, CVE-2021-36958

Export software vulnerabilities assessment per device \| Microsoft Docs Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 2, 2021, 6:37 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

db:

NVD

ids:

CVE-2020-16011, CVE-2020-26971

Cybersecurity Vulnerabilities Affecting Medtronic Implantable Cardiac Devices, Programmers, and Home Monitors: FDA Safety Communication \| FDA Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	medtronic	model:	carelink monitor
vendor:	medtronic	model:	concerto ii crt-d
vendor:	medtronic	model:	nayamed nd icd
vendor:	medtronic	model:	virtuoso ii icd
vendor:	medtronic	model:	secura icd
vendor:	medtronic	model:	concerto crt-d
vendor:	medtronic	model:	carelink 2090 programmer
vendor:	medtronic	model:	maximo ii crt-d
vendor:	medtronic	model:	encore programmer
vendor:	medtronic	model:	viva crt-d
vendor:	medtronic	model:	virtuoso icd
vendor:	medtronic	model:	evera icd
vendor:	medtronic	model:	mycarelink monitor
vendor:	medtronic	model:	visia af icd
vendor:	medtronic	model:	carelink 2090
vendor:	medtronic	model:	carelink programmer
vendor:	medtronic	model:	protecta crt-d
vendor:	medtronic	model:	consulta crt-d

Microsoft Fixes 4 Critical Vulnerabilities in Windows 7 Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 10, 2021, 7:22 p.m.	Vulnerabilities: code execution, memory corruption

Affected products

External IDs

db:

NVD

ids:

CVE-2021-34481, CVE-2021-34480, CVE-2021-34535, CVE-2021-36936, CVE-2021-26424

Weaknesses in health care system and device security - Pinnacle Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security

Cybersecurity \| FDA Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 22, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	blackberry	model:	playbook
vendor:	blackberry	model:	blackberry
vendor:	blackberry	model:	link
vendor:	hospira	model:	lifecare pca3
vendor:	medtronic	model:	paradigm

HTTP and HTTPS Access Vulnerability \| Allied Telesis Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 14, 2021, 9:42 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2018-8715

Google Chrome Software Vulnerability Exploited in The Wild Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 27, 2021, 2:32 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

Vulnerability Assessment for Network Devices - Now More Than Ever! \| BeyondTrust Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

serve

model:

serve

Security Advisory for Fragment and Forge vulnerabilities on some WiFi capable devices, PSV-2021-0014 & PSV-2021-0080 \| Answer \| NETGEAR Support Related entries in the VARIoT vulnerabilities database: VAR-202105-1431, VAR-202105-1477, VAR-202105-1432 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	netgear	model:	r7850
vendor:	netgear	model:	rbw30
vendor:	netgear	model:	rbr40
vendor:	netgear	model:	rbr750
vendor:	netgear	model:	wn3000rpv2
vendor:	netgear	model:	r7000p
vendor:	netgear	model:	rbs750
vendor:	netgear	model:	rbr50
vendor:	netgear	model:	rax45
vendor:	netgear	model:	rax120
vendor:	netgear	model:	ex6410
vendor:	netgear	model:	router
vendor:	netgear	model:	ex6400v2
vendor:	netgear	model:	ex7000
vendor:	netgear	model:	r6700v3
vendor:	netgear	model:	r7900p
vendor:	netgear	model:	ex3700
vendor:	netgear	model:	r8300
vendor:	netgear	model:	ex7500
vendor:	netgear	model:	rax35
vendor:	netgear	model:	r6900p
vendor:	netgear	model:	ex6130
vendor:	netgear	model:	ex7700
vendor:	netgear	model:	r6220
vendor:	netgear	model:	rax15
vendor:	netgear	model:	xr300
vendor:	netgear	model:	rbs50
vendor:	netgear	model:	r8500
vendor:	netgear	model:	r7900
vendor:	netgear	model:	orbi
vendor:	netgear	model:	r6400v2
vendor:	netgear	model:	r8000p
vendor:	netgear	model:	ex2700
vendor:	netgear	model:	r6350
vendor:	netgear	model:	r6020
vendor:	netgear	model:	r7000
vendor:	netgear	model:	r6850
vendor:	netgear	model:	r6120
vendor:	netgear	model:	rbr20
vendor:	netgear	model:	srs60
vendor:	netgear	model:	r6230
vendor:	netgear	model:	mr60
vendor:	netgear	model:	ex6150v2
vendor:	netgear	model:	ex8000
vendor:	netgear	model:	wac505
vendor:	netgear	model:	ex6200v2
vendor:	netgear	model:	rbs850
vendor:	netgear	model:	ex3800
vendor:	netgear	model:	rs400
vendor:	netgear	model:	c6900
vendor:	netgear	model:	ex6250
vendor:	netgear	model:	ex6420
vendor:	netgear	model:	wn3000rpv3
vendor:	netgear	model:	rbs10
vendor:	netgear	model:	r7100lg
vendor:	netgear	model:	rbs40
vendor:	netgear	model:	rbr850
vendor:	netgear	model:	rbs50y
vendor:	netgear	model:	ex6120
vendor:	netgear	model:	dc112a
vendor:	netgear	model:	rax40
vendor:	netgear	model:	rax20
vendor:	netgear	model:	ex6100v2
vendor:	netgear	model:	r6400
vendor:	netgear	model:	ex7300v2
vendor:	netgear	model:	rbs20
vendor:	netgear	model:	ex7320
vendor:	netgear	model:	r8000
vendor:	netgear	model:	rax38
vendor:	netgear	model:	r6080
vendor:	netgear	model:	lax20
vendor:	netgear	model:	r6260
vendor:	netgear	model:	srr60
vendor:	netgear	model:	rbr10
vendor:	netgear	model:	wac510
vendor:	netgear	model:	rax50
vendor:	netgear	model:	r6700v2
vendor:	netgear	model:	lbr20
vendor:	mesh	model:	mesh

db:

NVD

ids:

CVE-2020-24588, CVE-2020-26146, CVE-2020-24587

NVD - CVE-2021-34783 Related entries in the VARIoT vulnerabilities database: VAR-202110-1394 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	asa_5580_firmware
vendor:	cisco	model:	adaptive_security_appliance
vendor:	cisco	model:	asa_5545-x_firmware
vendor:	cisco	model:	asa_5580
vendor:	cisco	model:	asa_5505_firmware
vendor:	cisco	model:	asa_5555-x_firmware
vendor:	cisco	model:	asa_5585-x
vendor:	cisco	model:	asa_5525-x_firmware
vendor:	cisco	model:	asa_5585-x_firmware
vendor:	cisco	model:	asa_5505
vendor:	cisco	model:	asa_5512-x_firmware
vendor:	cisco	model:	asa_5515-x_firmware

db:

NVD

ids:

CVE-2021-34783

IoT Devices Affected by Multiple Vulnerabilities in Realtek WiFi Modules Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-35392

Out-of-Bounds Vulnerabilities in OpenSSL - Security Advisory \| QNAP (US) Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-3711, CVE-2021-3712

Meltdown and Spectre Vulnerabilities \| Allied Telesis Related entries in the VARIoT vulnerabilities database: VAR-201801-0826, VAR-201801-1711, VAR-201801-1712 Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2017-5715, CVE-2017-5754, CVE-2017-5753

Newly Found IoT Vulnerability Could Impact up to 83M Devices - CE Pro Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 5:26 p.m.	Vulnerabilities: code execution

Affected products	External IDs

Vulnerability Affecting Routers From Many Vendors Exploited Days After Disclosure \| SecurityWeek.Com Related entries in the VARIoT vulnerabilities database: VAR-202104-0768, VAR-202104-0769 Trust: 5.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: path traversal

Affected products

External IDs

vendor:	cisco	model:	routers
vendor:	cisco	model:	series
vendor:	palo alto networks	model:	palo alto networks
vendor:	palo alto networks	model:	networks
vendor:	asus	model:	asus
vendor:	palo	model:	palo alto networks
vendor:	palo	model:	networks

db:

NVD

ids:

CVE-2021-20090, CVE-2021-20091

VARIoT news about IoT security