VARIoT latest news about IoT security

Dangerous XSS bug in Google Chrome’s ‘New Tab’ page bypassed security features \| The Daily Swig Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 3, 2021, 3:02 p.m.	Vulnerabilities: cross-site request forgery, request forgery, cross-site scripting...

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

Multiple flaws in telecoms stack software FreeSwitch uncovered \| The Daily Swig Related entries in the VARIoT vulnerabilities database: VAR-202110-1542, VAR-202110-1048, VAR-202110-1371, VAR-202110-1256 Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 1, 2021, 4:42 p.m.	Vulnerabilities: denial of service, information leakage

Affected products

External IDs

vendor:

freeswitch

model:

freeswitch

db:

NVD

ids:

CVE-2021-41145, CVE-2021-37624, CVE-2021-41158, CVE-2021-41105

Cisco Firepower Threat Defense Software CLI Arbitrary File Write (cisco-sa-ftd-file-write-SHVcmQVc) \| Tenable® Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 3, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco firepower threat defense software
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	firepower
vendor:	cisco	model:	firepower threat defense software

The real dangers of vulnerable IoT devices - Infosec Resources Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, 10:41 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-31251

Hundreds of thousands of Realtek-based devices under attack from IoT botnet - The Record by Recorded Future Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 23, 2021, 6:56 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	realtek	model:	realtek sdk
vendor:	mesh	model:	mesh

db:

NVD

ids:

CVE-2021-35395

Attackers Started Exploiting a Router Vulnerability Just 2 Days After Its Disclosure \| PCMag Related entries in the VARIoT vulnerabilities database: VAR-202104-0768 Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 11, 2022, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	cisco hyperflex
vendor:	cisco	model:	routers
vendor:	cisco	model:	hyperflex
vendor:	cisco	model:	soho
vendor:	cisco	model:	router
vendor:	d-link	model:	router
vendor:	tenda	model:	ac11
vendor:	tenda	model:	router

db:

NVD

ids:

CVE-2021-20090

BrakTooth Bluetooth vulnerabilities, crash all the devices! \| Malwarebytes Labs Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 2, 2021, 4:24 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28139

NVD - Home Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 11, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-42560

Vulnerabilities Grow as Utilities Link Control Systems to the Internet - Defense One Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 29, 2021, 10 a.m.	Vulnerabilities: default credentials

Affected products

External IDs

vendor:

trend

model:

security

New Annke Vulnerability Shows Risks of IoT Security Camera Systems Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 26, 2021, 4 p.m.	Vulnerabilities: cross-site request forgery, request forgery, code execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2021-32941

Android Multiple Vulnerabilities - DIGITPOL Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 3, 2021, midnight	Vulnerabilities: denial of service, code execution, information disclosure

Affected products	External IDs

microsoft: Apple fixes critical MacOS bug after alert from Microsoft Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 1, 2021, 3:24 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

InHand Router Flaws Could Expose Many Industrial Companies to Remote Attacks \| SecurityWeek.Com Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 16, 2022, midnight	Vulnerabilities: default credentials, cross-site request forgery, request forgery...

Affected products

External IDs

vendor:	cisco	model:	routers
vendor:	cisco	model:	router

Exploits and exploit kits - Windows security \| Microsoft Docs Related entries in the VARIoT vulnerabilities database: VAR-201601-0030 Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 28, 2021, 10:59 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2016-0778, CVE-2013-1489, CVE-2017-0144

Realtek SDK vulnerabilities impact dozens of downstream IoT vendors \| The Daily Swig Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 16, 2021, 2:24 p.m.	Vulnerabilities: command execution, arbitrary command execution, default credentials...

Affected products

External IDs

vendor:

realtek

model:

realtek sdk

db:

NVD

ids:

CVE-2021-35395, CVE-2021-35392, CVE-2021-35393, CVE-2021-35394

New Bluetooth vulnerability affects over one billion device - Gizchina.com Trust: 5.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 8, 2021, 12:11 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

dell

model:

optiplex

db:

NVD

ids:

CVE-2021-28139

Threat Encyclopedia \| FortiGuard Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 27, 2021, midnight	Vulnerabilities: request forgery, cross-site scripting

Affected products

External IDs

db:

NVD

ids:

CVE-2020-13484, CVE-2020-13483

Go Update Your iPhone and iPad Right Now Related entries in the VARIoT vulnerabilities database: VAR-202108-2057 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 11, 2021, 8:13 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad air
vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2021-30883

How IoT Devices Are Embracing Security [2021] Trustonic Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 19, 2021, 9:07 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile
vendor:	google	model:	home

Microsoft Researchers Help Apple Fix A Critical MacOS Bug Related entries in the VARIoT vulnerabilities database: VAR-202108-2056 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 1, 2021, 1:17 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	macos
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2021-30892

VARIoT news about IoT security