VARIoT latest news about IoT security

Apple issues emergency updates to fix major 'zero-click vulnerability' in all of its operating systems \| TechSpot Related entries in the VARIoT vulnerabilities database: VAR-202108-1057 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 11, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	watchos
vendor:	apple	model:	macos
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2021-30860

Interesting Privilege Escalation Vulnerability - Schneier on Security Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 10, 2022, midnight	Vulnerabilities: privilege escalation

Affected products	External IDs

Latest Malware Attacks You Need to Know Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 6, 2021, 11:52 a.m.	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

google

model:

android

The real dangers of vulnerable IoT devices - duckduck WHO ? Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-31251

Full Disclosure: SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices Related entries in the VARIoT vulnerabilities database: VAR-201602-0004, VAR-202109-1172, VAR-202109-1171, VAR-201501-0737 Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 1, 2021, midnight	Vulnerabilities: buffer overflow, command injection, cross-site scripting

Affected products

External IDs

vendor:	moxa	model:	moxa
vendor:	moxa	model:	oncell g3470a-lte-eu
vendor:	moxa	model:	wac-1001
vendor:	moxa	model:	wac-2004
vendor:	moxa	model:	oncell g3470a-lte-eu-t

db:

NVD

ids:

CVE-2013-1914, CVE-2016-1234, CVE-2015-7547, CVE-2021-39279, CVE-2013-7423, CVE-2021-39278, CVE-2015-0235

The Security Vulnerabilities that Exist on Some of our Favorite IoT Devices - Firedome Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 27, 2021, 11:11 a.m.	Vulnerabilities: denial of service

Affected products	External IDs

Week in review: Realtek chips vulnerabilities, NAS devices under attack, security teams burnout - Help Net Security Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 20, 2021, 11:14 a.m.	Vulnerabilities: os command injection, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28372

Update your Apple device now: emergency security update released : TechWeb : Blog Archive : Boston University Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 29, 2021, 1:37 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

iphone

CVE - CVE-2021-1451 Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: denial of service, buffer overflow

Affected products

External IDs

vendor:	cisco systems	model:	catalyst
vendor:	cisco systems	model:	cisco catalyst 4500 series
vendor:	cisco systems	model:	catalyst 4500 series
vendor:	cisco systems	model:	catalyst 4500
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	ios xe software
vendor:	cisco systems	model:	ios xe
vendor:	cisco systems	model:	series switches
vendor:	cisco systems	model:	cisco ios xe
vendor:	cisco systems	model:	series
vendor:	cisco systems	model:	cisco ios
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	cisco catalyst 4500 series
vendor:	cisco	model:	catalyst 4500 series
vendor:	cisco	model:	catalyst 4500
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	series switches
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	series
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2021-1451

CVE-2021-34787 : A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Related entries in the VARIoT vulnerabilities database: VAR-202110-1354 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 27, 2021, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	adaptive security appliance

db:

NVD

ids:

CVE-2009-1234, CVE-2021-34787

Railway Communication Devices Made by Moxa Affected by 60 Vulnerabilities Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 2, 2021, 3:32 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

moxa

model:

moxa

TOP Free Hacking Tools used by Black Hat Hackers 2021 Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: April 25, 2021, midnight	Vulnerabilities: denial of service, session hijacking, sql injection...

Affected products

External IDs

vendor:	cisco	model:	information server
vendor:	cisco	model:	access points
vendor:	cisco	model:	routers
vendor:	novell	model:	client
vendor:	ring	model:	ring
vendor:	wireshark	model:	wireshark
vendor:	google	model:	wifi
vendor:	netbsd	model:	netbsd
vendor:	aircrack-ng	model:	aircrack-ng

Apple patches ForcedEntry vulnerability used by spyware firm NSO Related entries in the VARIoT vulnerabilities database: VAR-202108-1057 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, midnight	Vulnerabilities: integer overflow, code execution

Affected products

External IDs

vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad
vendor:	apple	model:	watchos
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air

db:

NVD

ids:

CVE-2021-30860

Cybersecurity Vulnerability Could Affect Millions of Hikvision Cameras - Infosecurity Magazine Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 24, 2021, 10:30 a.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:

hikvision

model:

hikvision

Apple releases iOS 15.0.2 to fix two zero-day exploits - gHacks Tech News Related entries in the VARIoT vulnerabilities database: VAR-202108-2057 Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 14, 2021, 3:04 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone
vendor:	apple	model:	ipod touch
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2021-30883

Critical Vulnerability Affects Millions of IoT Devices Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 17, 2021, 8:45 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-28372

New BrakTooth Vulnerabilities has affected billion of Bluetooth devices around the world - Craffic Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 7, 2021, 1:26 p.m.	Vulnerabilities: code execution

Affected products	External IDs

Are your IoT devices leaving you vulnerable to cyberattacks? - INTRUSION Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 13, 2021, 6:51 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

home

Apple releases patches for Catalina and iOS 12.5.5 vulnerabilities Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	macos
vendor:	apple	model:	ipod touch
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air

All PrintNightmare Vulnerabilities Fixed Related entries in the VARIoT vulnerabilities database: VAR-202107-1010 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 15, 2021, 11:04 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-34527, CVE-2021-36958

VARIoT news about IoT security