Sign-up

VARIoT news about IoT security

Java Log4JShell Vulnerability - What I Learned About it This Week

Trust: 4.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 23, 2021, 9:01 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: essential model: phone

MediaTek chipset-based Android phones vulnerable to hackers: Check Point Research | Deccan Herald

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 25, 2021, 6:24 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
vendor: google model: android
vendor: vivo model: vivo
db: NVD ids: CVE-2021-0663, CVE-2021-0661, CVE-2021-0662

Security vulnerabilities on the Data Distribution Service (DDS) | Ubuntu

Trust: 4.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 15, 2021, midnight
 Vulnerabilities: information exposure, buffer overflow, system crash
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2021-38429, CVE-2021-38487, CVE-2021-38441, CVE-2021-38425, CVE-2021-38443, CVE-2021-43547

HP fixes high-risk printer vulnerabilities affecting more than 150 HP printers

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 1, 2021, 4:50 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-39238, CVE-2021-39237

Home routers riddled with vulnerabilities - IT Security Guru

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 3, 2021, 2:42 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tp-link model: routers

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 9, 2021, 10:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research finds some medical devices vulnerable to hackers

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 9, 2021, 11:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: nucleus

Research, News, and Perspectives

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-44228

Research, News, and Perspectives

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2021-44228

News :: Articles :: Kryptowire Collaborates with Orange and Uncovers Major Vulnerabilities in Mobile Devices at Scale

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: command execution
Affected productsExternal IDs

The US reveals new software vulnerability, warns hundreds of millions of devices at risk - Jobaaj Stories

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 29, 2021, 6:10 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Netgear fixes code execution flaw in many SOHO devicesSecurity Affairs

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Nov. 17, 2021, 9:35 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw - Microsoft Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-201906-0350, VAR-201906-0349

Trust: 5.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: privilege escalation, code injection
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: ring model: ring
db: NVD ids: CVE-2019-5242, CVE-2019-5241

Cisco Industrial Ethernet Switches Device Manager Cross-Site Request Forgery Vulnerability

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: -
 Vulnerabilities: request forgery, cross-site request forgery
Affected productsExternal IDs
vendor: cisco model: industrial ethernet
vendor: cisco model: device manager

Solved: Cisco devices and log4j2 vulnerability - Cisco Community

Trust: 3.0

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 23, 2021, 3:34 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series switches
vendor: cisco model: catalyst
vendor: cisco model: catalyst 2900 series
vendor: cisco model: series
vendor: cisco model: catalyst 2900

Apache Log4j 2 Vulnerability Security Advisory | Google Cloud

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh
vendor: google model: android
db: NVD ids: CVE-2021-44228, CVE-2021-45046

Log4j Zero-Day Vulnerability Response

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-2011, VAR-202112-0562

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 10, 2022, 3:07 p.m.
 Vulnerabilities: information leak, code execution
Affected productsExternal IDs
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo model: palo alto networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-4104, CVE-2021-45056, CVE-2021-44832, CVE-2021-45046, CVE-2021-4428

Addressing Apache Log4j Vulnerability with NGFW and Cloud-Delivered Security Services - Palo Alto Networks Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 5.5

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 17, 2021, 2:40 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: palo alto networks
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: palo alto networks
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Log4j CVE 2021-44228: Systems Affected and Impact… | Bishop Fox

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Dec. 10, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228 | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.25

Fetched: Dec. 30, 2021, 11:51 a.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228