Sign-up

VARIoT news about IoT security

New Research Uncovers 5 Vulnerabilities in Mitsubishi Safety PLCs

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 5, 2021, 3:01 a.m.
 Vulnerabilities: account lockout
Affected productsExternal IDs

Report: 83 Million Cameras, Other Devices Prone to IoT Vulnerability - Commercial Integrator

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 17, 2021, 2:45 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable - duckduck WHO ?

Trust: 5.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-28139

Multiple Flaws in Realtek SDK Affect Wide Range of IoT Devices | Decipher

Trust: 4.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 16, 2021, midnight
 Vulnerabilities: command injection, buffer overflow
Affected productsExternal IDs
vendor: realtek model: realtek sdk
vendor: asus model: asus

Microsoft MSHTML Remote Code Execution Vulnerability: Security Bulletins: Information Security & Policy: Indiana University

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 5.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 12, 2022, midnight
 Vulnerabilities: file execution, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-40444

Mandiant Discloses Critical Vulnerability Affecting Millions of IoT Devices | Mandiant

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 17, 2021, midnight
 Vulnerabilities: device impersonation, code execution
Affected productsExternal IDs
vendor: google model: home
vendor: wireshark model: wireshark
vendor: apple model: watch
db: NVD ids: CVE-2021-28372

A Vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense Could Allow for Security Bypass

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 7, 2022, 7:33 p.m.
 Vulnerabilities: security bypass
Affected productsExternal IDs
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: small business
vendor: cisco model: adaptive security appliance

Apple iOS and iPadOS Vulnerability Exploited by Cybercriminals

Related entries in the VARIoT vulnerabilities database: VAR-202108-2057

Trust: 5.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 13, 2021, 4:34 p.m.
 Vulnerabilities: integer overflow, privilege escalation
Affected productsExternal IDs
vendor: apple model: ipod touch
vendor: apple model: ipad
vendor: apple model: iphone os
vendor: apple model: iphone
db: NVD ids: CVE-2021-30883

Microsoft warns of dangerous vulnerability in Surface Pro 3 devices

Related entries in the VARIoT vulnerabilities database: VAR-202108-1285, VAR-202110-1321, VAR-202002-0458

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 21, 2021, 7:58 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: broadcom model: broadcom
vendor: broadcom model: linux
db: NVD ids: CVE-2021-30970, CVE-2021-42299, CVE-2019-15126

These Bluetooth security flaws could affect billions of devices | TechRadar

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 3, 2021, 2:01 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Cisco urges users to patch critical vulnerability in virtualized network devices after PoC is made public | The Daily Swig

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 3, 2021, 1:45 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: cisco model: router

Security Advisory - CSV Injection Vulnerability in Some Huawei Products

Related entries in the VARIoT vulnerabilities database: VAR-202110-1355

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 14, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2021-37131

Smart Home Device Software Vulnerability

Trust: 3.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

NVD - CVE-2021-1623

Trust: 5.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 8, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco systems model: cisco systems
vendor: cisco systems model: cbr-8 converged broadband routers
vendor: cisco systems model: routers
vendor: cisco systems model: cbr-8
vendor: cisco model: cisco systems
vendor: cisco model: cbr-8 converged broadband routers
vendor: cisco model: routers
vendor: cisco model: cbr-8
db: NVD ids: CVE-2021-1623

BadAlloc Vulnerability Affecting Devices Incorporating Older BlackBerry QNX Products | CISA

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 11, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: blackberry model: link
vendor: blackberry model: blackberry

Decade-long vulnerability in multiple routers could allow network compromise | The Daily Swig

Related entries in the VARIoT vulnerabilities database: VAR-202104-0770, VAR-202104-0769

Trust: 5.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 4, 2021, 3:53 p.m.
 Vulnerabilities: improper validation, authentication bypass, path traversal
Affected productsExternal IDs
vendor: buffalo model: wsr-2533dhp3
vendor: buffalo model: buffalo router
vendor: buffalo model: wsr-2533dhpl2
vendor: buffalo model: router
vendor: buffalo model: buffalo wsr-2533dhpl2
db: NVD ids: CVE-2021-20092, CVE-2021-20091

Zero-day flaws in IoT baby monitors could give attackers access to camera feeds | The Daily Swig

Trust: 5.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 2, 2021, 4:15 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: realtek model: realtek sdk

Detect & Prioritize NSO Pegasus iPhone Spyware Vulnerabilities Using VMDR for Mobile Devices | Qualys Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-202108-1057, VAR-202108-2172

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 20, 2021, 2:47 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: apple model: webkit
vendor: apple model: ipad
vendor: apple model: ipod touch
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: iphone
db: NVD ids: CVE-2021-30860, CVE-2021-30858

BrakTooth Bluetooth vulnerabilities could affect billions of devices - SiliconANGLE

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 7, 2021, 2:05 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-28139

Update Apple devices immediately to close a critical security vulnerability | HMS IT

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: macos