Sign-up

VARIoT news about IoT security

VMware issues details of emergency actions that need taking to address a critical security vulnerability

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 24, 2021, 8:35 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-22005

Microsoft Researchers Help Apple Fix A Critical MacOS Bug

Related entries in the VARIoT vulnerabilities database: VAR-202108-2056

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 1, 2021, 1:17 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
db: NVD ids: CVE-2021-30892

What Medical Device Vendors Can Learn From Past Cybersecurity Vulnerability Disclosures | October 19, 2021 | Engineering360 Webinars

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 19, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Realtek vulnerabilities compromise hundreds of thousands of routers, IoT devices | TechRadar

Trust: 3.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 16, 2021, 3:19 p.m.
 Vulnerabilities: memory corruption, command injection
Affected productsExternal IDs
vendor: asus model: asus
vendor: realtek model: sdk
vendor: realtek model: realtek sdk

Patch this AMD CPU vulnerability now, users warned | TechRadar

Trust: 3.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 20, 2021, 1:16 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-26333

Local Privilege Escalation Vulnerability (0-day) in all Windows Versions | Born's Tech and Windows World

Related entries in the VARIoT vulnerabilities database: VAR-202108-1005

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 29, 2021, 3:33 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2021-34484

Critical Bug Could Allow Remote Snooping Via Millions of Devices - Infosecurity Magazine

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 10:06 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-28372

Honeywell Critical Vulnerabilities Discovered in Experion PKS

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 7, 2021, 11:17 a.m.
 Vulnerabilities: denial of service, path traversal, code execution
Affected productsExternal IDs
vendor: honeywell model: experion process knowledge system
vendor: honeywell model: honeywell experion process knowledge system
vendor: honeywell model: experion

Millions of IoT Devices Vulnerable to Cloud Platform Flaws

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 3:20 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-28372

Millions Of IOT Devices Are Identified with Critical Vulnerability - CyberWorkx

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 4:39 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-28372

Update your Apple devices now. New Pegasus hack prompts company to issue new software to fix iMessage vulnerability.

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 13, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone

Microsoft acknowledges Windows zero-day vulnerability based on malicious Office files - OnMSFT.com

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 8, 2021, 2:27 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-40444

Realtek-based routers, smart devices are being gobbled up by a voracious botnet | Malwarebytes Labs

Related entries in the VARIoT vulnerabilities database: VAR-202104-0768

Trust: 4.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 24, 2021, 1:36 p.m.
 Vulnerabilities: denial of service, command injection
Affected productsExternal IDs
vendor: orange model: web server
vendor: huawei model: huawei
vendor: belkin model: router
vendor: asustek model: asus
vendor: asustek model: router
vendor: asus model: asus
vendor: asus model: router
vendor: d-link model: router
vendor: realtek model: realtek sdk
vendor: buffalo model: router
vendor: netgear model: router
db: NVD ids: CVE-2021-35395, CVE-2021-20090

Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection

Related entries in the VARIoT vulnerabilities database: VAR-202108-2056

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 28, 2021, 4 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2021-30892

Multiple attempts to exploit Realtek vulnerabilities discovered by our researchers - SAM Seamless Network

Related entries in the VARIoT vulnerabilities database: VAR-202104-0768

Trust: 5.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 19, 2021, 2:31 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: paloaltonetworks model: networks
vendor: paloaltonetworks model: palo alto networks
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
vendor: realtek model: realtek sdk
db: NVD ids: CVE-2021-35395, CVE-2021-20090

Researchers Develop Toolkit to Test Apple Security, Find Vulnerability • Electrical and Computer Engineering

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 13, 2021, 4:26 p.m.
 Vulnerabilities: timing attack
Affected productsExternal IDs
vendor: apple model: iphone

Here's how hackers exploit IoT device vulnerabilities to invade hardware

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 19, 2021, 9:50 a.m.
 Vulnerabilities: -
Affected productsExternal IDs

Update Your Apple Devices to Avoid This Zero-Click Malware | Tech.co

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, 8:33 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Severe Bugs in Realtek SDK Affects Around Millions of IoT Devices

Trust: 6.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 17, 2021, 7:18 p.m.
 Vulnerabilities: buffer overflow, command execution, memory corruption...
Affected productsExternal IDs
vendor: realtek model: realtek sdk
db: NVD ids: CVE-2021-35394, CVE-2021-35393, CVE-2021-35392, CVE-2021-35395

CVE-2021-30860: Fix Your Apple Device against the FORCEDENTRY Zero-Day

Related entries in the VARIoT vulnerabilities database: VAR-202108-1057

Trust: 5.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, 10:16 a.m.
 Vulnerabilities: integer overflow, buffer overflow, code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: watchos
db: NVD ids: CVE-2019-3568, CVE-2021-30860