VARIoT latest news about IoT security

Zero-day vulnerabilities in Victure baby monitors allow hackers to spy on families remotely. Parents should turn off these devices Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 3, 2021, 4:11 p.m.	Vulnerabilities: -

Affected products	External IDs

NVD - CVE-2021-34792 Related entries in the VARIoT vulnerabilities database: VAR-202110-1377 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	asa_5580_firmware
vendor:	cisco	model:	adaptive_security_appliance
vendor:	cisco	model:	asa_5545-x_firmware
vendor:	cisco	model:	asa_5580
vendor:	cisco	model:	asa_5505_firmware
vendor:	cisco	model:	asa_5555-x_firmware
vendor:	cisco	model:	asa_5585-x
vendor:	cisco	model:	asa_5525-x_firmware
vendor:	cisco	model:	asa_5585-x_firmware
vendor:	cisco	model:	asa_5505
vendor:	cisco	model:	asa_5512-x_firmware
vendor:	cisco	model:	asa_5515-x_firmware

db:

NVD

ids:

CVE-2021-34792

How hackers exploited RCE vulnerabilities in Atlassian, Azure Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 13, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	barracuda	model:	barracuda
vendor:	barracuda networks	model:	barracuda

db:

NVD

ids:

CVE-2021-38647, CVE-2021-26084

Pegasus (spyware) - Wikipedia Related entries in the VARIoT vulnerabilities database: VAR-201608-0186, VAR-202108-1057, VAR-201608-0187, VAR-201608-0188 Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: information leak, memory corruption, code execution

Affected products

External IDs

vendor:	trend	model:	security
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone
vendor:	apple	model:	safari

db:

NVD

ids:

CVE-2016-4655, CVE-2021-30860, CVE-2016-4656, CVE-2016-4657

Blackberry Admits QNX OS Vulnerability Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

blackberry

model:

blackberry

iOS jailbreaking - Wikipedia Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: default password, memory corruption, privilege escalation

Affected products

External IDs

vendor:	essential	model:	phone
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	ipad
vendor:	apple	model:	webkit
vendor:	apple	model:	apple tv
vendor:	apple	model:	mac os
vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone os
vendor:	apple	model:	macos
vendor:	apple	model:	iphone 3gs
vendor:	apple	model:	itunes
vendor:	apple	model:	safari
vendor:	apple	model:	mac os x
vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	apple	model:	ipod touch

NVD - CVE-2021-20122 Related entries in the VARIoT vulnerabilities database: VAR-202104-0768 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: authentication vulnerability, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2021-20122, CVE-2021-20090

Home - Securing Tomorrow. Today. \| McAfee Blogs Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 16, 2021, 4:38 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

squid

model:

squid

Sonic.net • Strange device connected to my Wi-Fi... am I vulnerable to hacking? Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 5, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

home

IoT Medical Devices Security Wi-Fi Vulnerabilities - IoT Executive Retained Search Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 28, 2021, 2:11 p.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

serve

model:

serve

Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks \| Cyware Alerts - Hacker News Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 4, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Our Shared Security: Responsibly Disclosing Competitor Vulnerabilities \| Ledger Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: side channel attack

Affected products	External IDs

No title Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	hewlett-packard company	model:	hewlett-packard company
vendor:	hewlett-packard company	model:	stream
vendor:	hewlett-packard	model:	hewlett-packard company
vendor:	hewlett-packard	model:	stream

Supply Chain Attacks on IoT - Million+ Devices Are Vulnerable \| by Zen Chan \| Technology Hits \| Medium Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, midnight	Vulnerabilities: buffer overflow, command injection

Affected products

External IDs

vendor:	netgear	model:	router
vendor:	realtek	model:	realtek sdk
vendor:	belkin	model:	router
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	asus	model:	wireless routers
vendor:	asus	model:	router
vendor:	asus	model:	asus
vendor:	d-link	model:	router

12 hardware and software vulnerabilities you should address now \| Computerworld Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: buffer overflow, cross-site scripting, code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	iphone

How Many IoT Devices Are There in 2021? [More than Ever!] Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	wifi
vendor:	google	model:	google home
vendor:	mesh	model:	mesh
vendor:	cisco	model:	series
vendor:	cisco	model:	routers

(PDF) A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices Related entries in the VARIoT vulnerabilities database: VAR-201909-1007, VAR-201909-1008 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2019-14896, CVE-2019-13473, CVE-2019-13474, CVE-2019-14897, CVE-2019-14901

Cybersecurity: a beginner's guide to secure medical device design \| Team Consulting Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 23, 2021, 8:39 a.m.	Vulnerabilities: brute force attack, denial of service

Affected products

External IDs

vendor:

trend

model:

security

Keeping the gate locked on your IoT devices: Vulnerabilities found on Amazon's Alexa - Check Point Research Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: code injection, code execution

Affected products

External IDs

vendor:	check point	model:	check point
vendor:	serve	model:	serve

Vulnerability DB \| Snyk Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: restriction bypass, session fixation, cross-site request forgery...

Affected products

External IDs

vendor:

jquery

model:

jquery

VARIoT news about IoT security