VARIoT latest news about IoT security

A Novel Machine Learning-Based Analysis Model for Smart Contract Vulnerability Trust: 3.5 Fetched: Nov. 9, 2021, 12:59 p.m., Published: Aug. 15, 2021, midnight	Vulnerabilities: integer overflow, denial of service

Affected products

External IDs

vendor:

serve

model:

serve

71 Windows vulnerabilities \| Kaspersky official blog Related entries in the VARIoT vulnerabilities database: VAR-202110-1687 Trust: 5.0 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: privilege escalation, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-40449, CVE-2021-41335, CVE-2021-40469, CVE-2021-41338

71 Windows vulnerabilities \| Kaspersky official blog Related entries in the VARIoT vulnerabilities database: VAR-202110-1687 Trust: 5.0 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: privilege escalation, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-40449, CVE-2021-41335, CVE-2021-40469, CVE-2021-41338

Fortinet : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202109-0399, VAR-202107-1088, VAR-202107-1086, VAR-202107-0631, VAR-202110-0131, VAR-202111-0232, VAR-202111-0330, VAR-202110-0149, VAR-202109-0502, VAR-202107-0632, VAR-202107-0838, VAR-202110-0132, VAR-202111-0317, VAR-202107-0629, VAR-202107-0837, VAR-202108-0655, VAR-202111-0241, VAR-202107-0836, VAR-202108-0672, VAR-202108-1025, VAR-202107-1087, VAR-202109-0400, VAR-202108-0575, VAR-202109-0501, VAR-202108-2100, VAR-202108-0712, VAR-202108-0658, VAR-202111-0306, VAR-202108-0657, VAR-202108-0673, VAR-202110-0150, VAR-202111-0322, VAR-202106-1430, VAR-202110-0151, VAR-202111-0302, VAR-202107-0839, VAR-202111-0313, VAR-202108-0656, VAR-202108-0674, VAR-202108-0730, VAR-202104-0997, VAR-202111-0231, VAR-202108-0731, VAR-202111-0314, VAR-202111-0305, VAR-202111-0284, VAR-202108-0675, VAR-202111-0343, VAR-202108-0676, VAR-202111-0307 Trust: 5.75 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: path traversal, denial of service, access control vulnerability...

Affected products

External IDs

vendor:

fortigate

model:

fortios

db:

NVD

ids:

CVE-2021-24016, CVE-2021-26106, CVE-2021-26099, CVE-2021-24020, CVE-2021-24019, CVE-2021-26107, CVE-2021-36176, CVE-2021-36170, CVE-2021-36182, CVE-2021-24022, CVE-2021-26090, CVE-2021-24021, CVE-2021-36181, CVE-2021-24015, CVE-2021-26089, CVE-2021-32597, CVE-2021-36172, CVE-2021-26088, CVE-2021-32587, CVE-2021-26098, CVE-2021-26100, CVE-2021-24017, CVE-2021-24014, CVE-2021-36179, CVE-2021-24018, CVE-2021-36168, CVE-2021-32603, CVE-2021-36186, CVE-2021-32602, CVE-2021-32588, CVE-2021-36175, CVE-2021-41019, CVE-2009-1234, CVE-2021-26111, CVE-2021-36178, CVE-2021-42754, CVE-2021-26095, CVE-2021-36185, CVE-2021-32598, CVE-2021-32590, CVE-2021-26096, CVE-2021-24024, CVE-2021-32595, CVE-2021-26097, CVE-2021-36174, CVE-2021-36187, CVE-2021-36192, CVE-2021-32594, CVE-2021-36183, CVE-2021-32596, CVE-2021-36184

Cisco Ios Xe version 16.9.6 : Security vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202103-0768, VAR-202109-0747, VAR-202103-0540, VAR-202103-0550, VAR-202103-0773, VAR-202109-0245, VAR-202103-0778, VAR-202103-0546, VAR-202103-0544, VAR-202103-0534, VAR-202103-0763, VAR-202109-0601, VAR-202103-0549, VAR-202103-0470 Trust: 4.5 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: memory corruption, denial of service, command injection

Affected products

External IDs

vendor:	cisco	model:	ios software
vendor:	cisco	model:	iox application
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	cisco iox application
vendor:	cisco	model:	series
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco iox
vendor:	cisco	model:	series switches

db:

NVD

ids:

CVE-2021-1446, CVE-2021-34699, CVE-2021-1377, CVE-2021-1391, CVE-2021-1435, CVE-2021-1619, CVE-2021-1442, CVE-2021-1390, CVE-2009-1234, CVE-2021-1384, CVE-2021-1403, CVE-2021-1453, CVE-2021-34705, CVE-2021-1376, CVE-2021-1352

Firepower Management Center Configuration Guide, Version 6.2 - System Configuration [Cisco Firepower Management Center] - Cisco Related entries in the VARIoT vulnerabilities database: VAR-201307-0421 Trust: 3.5 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	router

db:

NVD

ids:

CVE-2013-4786

PSIRT Advisories \| FortiGuard Trust: 4.25 Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 5, 2022, midnight	Vulnerabilities: path traversal, directory traversal

Affected products	External IDs

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities - Cisco Related entries in the VARIoT vulnerabilities database: VAR-202010-1131 Trust: 5.75 Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 11, 2022, 10:54 p.m.	Vulnerabilities: cross-site scripting

Affected products

External IDs

vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	cisco firepower management center
vendor:	cisco	model:	firepower
vendor:	cisco	model:	asa software
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	firepower threat defense software
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	device manager
vendor:	cisco	model:	cisco adaptive security appliance software
vendor:	cisco	model:	firepower management center
vendor:	cisco	model:	adaptive security appliance software

db:

NVD

ids:

CVE-2020-3581

2021-10 Security Bulletin: Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET) (CVE-2021-31350) - Juniper Networks Related entries in the VARIoT vulnerabilities database: VAR-202110-0386 Trust: 5.0 Fetched: Nov. 9, 2021, 12:59 p.m., Published: Oct. 15, 2021, midnight	Vulnerabilities: privilege escalation, privilege management vulnerability

Affected products

External IDs

db:

NVD

ids:

CVE-2021-31350

PSIRT Advisories \| FortiGuard Related entries in the VARIoT vulnerabilities database: VAR-202110-0132 Trust: 3.0 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:	NVD	ids:	CVE-2021-24021
db:	FORTIGATE	ids:	FG-IR-20-098

New Vulnerability Could Put IoT Devices at Risk Trust: 3.75 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2020-15858

Medical Device Vulnerability in GE Anesthesia and Respiratory Devices - SystemTek Trust: 4.75 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	ge healthcare	model:	aespire
vendor:	ge healthcare	model:	aestiva

db:

NVD

ids:

CVE-2019-10337

How to resolve the 'Rom-0 vulnerability found' alert \| Avast Related entries in the VARIoT vulnerabilities database: VAR-202002-0775 Trust: 3.5 Fetched: Nov. 9, 2021, 12:59 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	safari
vendor:	google	model:	home
vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2014-4019

NVD - CVE-2021-40124 Related entries in the VARIoT vulnerabilities database: VAR-202111-0412 Trust: 3.75 Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	anyconnect secure mobility client
vendor:	cisco systems	model:	anyconnect_secure_mobility_client
vendor:	cisco systems	model:	cisco anyconnect secure mobility client
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	anyconnect secure mobility client
vendor:	cisco	model:	anyconnect_secure_mobility_client
vendor:	cisco	model:	cisco anyconnect secure mobility client

db:

NVD

ids:

CVE-2021-40124

NVD - CVE-2021-34741 Trust: 5.5 Fetched: Nov. 9, 2021, 12:59 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco systems	model:	email security appliance
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	asyncos
vendor:	cisco systems	model:	asyncos software
vendor:	cisco systems	model:	cisco email security appliance
vendor:	cisco systems	model:	cisco asyncos
vendor:	cisco	model:	email security appliance
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	asyncos
vendor:	cisco	model:	asyncos software
vendor:	cisco	model:	cisco email security appliance
vendor:	cisco	model:	cisco asyncos

db:

NVD

ids:

CVE-2021-34741

FabulaTech USB device vulnerability exposes devices to risk - TechRepublic Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

home

db:

NVD

ids:

CVE-2002-9332, CVE-2020-9332

PTES Technical Guidelines - The Penetration Testing Execution Standard Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: replay attack, data injection, file inclusion...

Affected products

External IDs

vendor:	essential	model:	phone
vendor:	novell	model:	client
vendor:	novell	model:	netware
vendor:	sony computer entertainment	model:	camera
vendor:	netgear	model:	router
vendor:	serve	model:	serve
vendor:	barracuda	model:	running
vendor:	barracuda	model:	web application firewall
vendor:	barracuda	model:	barracuda
vendor:	citrix	model:	gateway
vendor:	rapid	model:	scada
vendor:	aircrack-ng	model:	aircrack-ng
vendor:	cisco systems	model:	guard
vendor:	cisco systems	model:	cisco ios
vendor:	cisco systems	model:	router
vendor:	cisco systems	model:	wireless access point
vendor:	cisco systems	model:	ip phone
vendor:	cisco systems	model:	catalyst
vendor:	cisco systems	model:	meeting
vendor:	cisco systems	model:	network access control
vendor:	cisco systems	model:	access points
vendor:	cisco systems	model:	routers
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	hsrp
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	eigrp
vendor:	cisco systems	model:	support tools
vendor:	cisco systems	model:	leap
vendor:	asterisk	model:	open source
vendor:	canary	model:	canary
vendor:	wireshark	model:	wireshark
vendor:	sonicwall	model:	switch
vendor:	sonicwall	model:	analyzer
vendor:	sonicwall	model:	web application firewall
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	cisco	model:	guard
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	router
vendor:	cisco	model:	wireless access point
vendor:	cisco	model:	ip phone
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	meeting
vendor:	cisco	model:	network access control
vendor:	cisco	model:	access points
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	hsrp
vendor:	cisco	model:	series
vendor:	cisco	model:	eigrp
vendor:	cisco	model:	support tools
vendor:	cisco	model:	leap
vendor:	mesh	model:	mesh
vendor:	hewlett packard	model:	hp-ux
vendor:	hewlett packard	model:	integrity
vendor:	hewlett packard	model:	stream
vendor:	hewlett packard	model:	switches
vendor:	hewlett packard	model:	hewlett packard
vendor:	palo	model:	firewall
vendor:	palo	model:	networks
vendor:	sony	model:	camera
vendor:	modbus	model:	slave

Internet of things - Wikipedia Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: injection attack, default credentials, weak password...

Affected products

External IDs

vendor:	huawei	model:	huawei
vendor:	huawei	model:	smart phones
vendor:	serve	model:	serve
vendor:	rising	model:	antivirus
vendor:	home assistant	model:	assistant
vendor:	schneider	model:	concept
vendor:	schneider	model:	software update
vendor:	schneider	model:	modbus
vendor:	schneider	model:	monitor
vendor:	samsung smartthings	model:	printers
vendor:	samsung smartthings	model:	samsung
vendor:	samsung smartthings	model:	smartthings hub
vendor:	samsung smartthings	model:	mobile
vendor:	samsung smartthings	model:	note
vendor:	samsung smartthings	model:	mobile devices
vendor:	samsung smartthings	model:	notes
vendor:	smartthings	model:	smartthings hub
vendor:	samsung	model:	printers
vendor:	samsung	model:	samsung
vendor:	samsung	model:	smartthings hub
vendor:	samsung	model:	mobile
vendor:	samsung	model:	note
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	notes
vendor:	lenovo	model:	updates
vendor:	lenovo	model:	edge
vendor:	lenovo	model:	system
vendor:	mikrotik	model:	mikrotik
vendor:	mikrotik	model:	routers
vendor:	domoticz	model:	domoticz
vendor:	mesh	model:	mesh
vendor:	trend	model:	security
vendor:	trend	model:	antivirus
vendor:	cisco systems	model:	meeting
vendor:	cisco systems	model:	routers
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	h
vendor:	cisco systems	model:	service management
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	spark
vendor:	google	model:	google home
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	cisco	model:	meeting
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	h
vendor:	cisco	model:	service management
vendor:	cisco	model:	series
vendor:	cisco	model:	spark
vendor:	ring	model:	ring
vendor:	sony	model:	camera
vendor:	sony	model:	playstation 3
vendor:	sony	model:	playstation
vendor:	notion	model:	bridge
vendor:	dahua	model:	camera
vendor:	apple	model:	iphone
vendor:	apple	model:	watch

Details Disclosed for Critical Vulnerability in Sophos Appliances \| SecurityWeek.Com Trust: 5.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2022, midnight	Vulnerabilities: privilege escalation, code execution

Affected products

External IDs

vendor:

sophos

model:

cyberoam

db:

NVD

ids:

CVE-2020-25223

A New Citrix Device Vulnerability Has Been Discovered Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	citrix	model:	application delivery controller
vendor:	citrix	model:	gateway
vendor:	citrix	model:	sd-wan wanop

db:

NVD

ids:

CVE-2019-19781

VARIoT news about IoT security