Sign-up

VARIoT news about IoT security

Android Security Bulletin-October 2021 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202110-1118, VAR-202110-1132, VAR-202110-1125, VAR-202110-1126, VAR-202110-1123, VAR-202012-1547, VAR-202110-1131, VAR-202110-1128, VAR-202110-1032, VAR-202110-1127, VAR-202105-1475, VAR-202110-1207, VAR-202110-1208, VAR-202110-1139, VAR-202110-1130, VAR-202110-1034, VAR-202110-1129, VAR-202110-1124, VAR-202105-1429

Trust: 4.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 16, 2021, midnight
 Vulnerabilities: denial of service, code execution, information disclosure
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: samsung model: notes
vendor: nokia model: nokia
vendor: broadcom model: broadcom
vendor: huawei model: huawei
vendor: google model: android
vendor: google model: pixel
vendor: motorola model: android
vendor: motorola model: motorola
db: NVD ids: CVE-2021-30310, CVE-2021-0870, CVE-2021-1983, CVE-2021-30291, CVE-2021-0703, CVE-2021-30288, CVE-2021-30302, CVE-2021-30297, CVE-2020-29660, CVE-2021-1984, CVE-2021-1932, CVE-2021-0483, CVE-2021-30257, CVE-2021-27666, CVE-2021-1949, CVE-2021-30258, CVE-2021-1913, CVE-2020-26147, CVE-2021-1917, CVE-2021-1936, CVE-2021-29647, CVE-2021-1959, CVE-2021-1985, CVE-2020-11303, CVE-2021-30256, CVE-2020-10768, CVE-2021-30292, CVE-2020-26140

Apple releases emergency update to fix spyware vulnerability | Healthcare IT News

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 14, 2021, 6:54 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: macos
vendor: trend model: security

Cybersecurity Vulnerabilities in BlackBerry QNX Could Compromise Certain Medical Devices and Drug Manufacturing Equipment - MedTech Intelligence

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, 12:39 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: blackberry model: blackberry

Aviso de Segurança - Vulnerabilidade de autorização imprópria em alguns produtos da Huawei

Related entries in the VARIoT vulnerabilities database: VAR-202109-1642

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 8, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2021-37101

Microsoft issues advisory for Surface Pro 3 TPM bypass vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202110-1321

Trust: 4.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight
 Vulnerabilities: security feature bypass, feature bypass
Affected productsExternal IDs
db: NVD ids: CVE-2021-42299

Critical macOS Bug Could Allow Threat Actors Install Undetectable Malware In Apple Devices

Related entries in the VARIoT vulnerabilities database: VAR-202108-2056

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 2, 2021, 3:39 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: macbook air
vendor: apple model: macbook
vendor: apple model: ipad
db: NVD ids: CVE-2021-30892

Google warns Android users of zero-day vulnerability being actively attacked

Trust: 3.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 25, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2021-1048

Apple just fixed zero-day iPhone flaw with iOS 15.0.2 - update now | Tom's Guide

Related entries in the VARIoT vulnerabilities database: VAR-202108-2057

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 12, 2021, 8:46 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipod touch
vendor: apple model: ipad
db: NVD ids: CVE-2021-30883

Patch now! Microsoft fixes 71 Windows vulnerabilities in October Patch Tuesday | Malwarebytes Labs

Related entries in the VARIoT vulnerabilities database: VAR-202110-1687

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 13, 2021, 3:41 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-38672, CVE-2021-40461, CVE-2021-40469, CVE-2021-40449, CVE-2021-36970, CVE-2021-26427, CVE-2021-40486

Which countries have the highest rate of phone hacking? - Zatltd

Related entries in the VARIoT vulnerabilities database: VAR-201605-0441, VAR-201502-0126

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 8, 2021, 3:24 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: sony model: playstation
db: NVD ids: CVE-2016-1799, CVE-2017-0126, CVE-2015-0596

Update now! Apple patches another privilege escalation bug in iOS and iPadOS | Malwarebytes Labs

Related entries in the VARIoT vulnerabilities database: VAR-202104-0750, VAR-202108-2057, VAR-202109-1420, VAR-202108-1057, VAR-202104-0751, VAR-202108-2172, VAR-202109-1316, VAR-202109-1311, VAR-202104-0647, VAR-202109-1380, VAR-202110-0332, VAR-202109-1307, VAR-202108-1374, VAR-202104-0753, VAR-202109-1419, VAR-202109-1313, VAR-202109-1315

Trust: 5.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 12, 2021, 4:07 p.m.
 Vulnerabilities: memory corruption, privilege escalation, code execution
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: itunes
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipod touch
db: NVD ids: CVE-2021-1870, CVE-2021-30883, CVE-2021-30762, CVE-2021-30860, CVE-2021-1871, CVE-2021-30858, CVE-2021-30666, CVE-2021-30661, CVE-2021-1782, CVE-2021-30713, CVE-2021-30807, CVE-2021-30657, CVE-2021-30869, CVE-2021-1879, CVE-2021-30761, CVE-2021-30663, CVE-2021-30665

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump | McAfee Blogs

Related entries in the VARIoT vulnerabilities database: VAR-202108-1770, VAR-202108-1299, VAR-202108-1773

Trust: 5.25

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 24, 2021, 1 p.m.
 Vulnerabilities: replay attack, memory corruption, privilege escalation...
Affected productsExternal IDs
vendor: bbraun model: station
db: NVD ids: CVE-2021-33883, CVE-2021-33884, CVE-2020-16238, CVE-2021-33882, CVE-2021-33885, CVE-2021-33886

INFRA:HALT vulnerabilities target OT, IoT devices, exploit weakness in NicheStack TCP/IP stack - Industrial CyberIndustrial Cyber

Trust: 3.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 15, 2021, 6:59 a.m.
 Vulnerabilities: information leak, denial of service, memory corruption...
Affected productsExternal IDs
vendor: schneider electric model: monitor
vendor: schneider model: monitor

Microsoft finally puts an end to Windows 10 PrintNightmare vulnerability | Windows Central

Trust: 3.0

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 10, 2021, 5:51 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-34481

Google patches zero-day vulnerability, and others, in Android | Malwarebytes Labs

Related entries in the VARIoT vulnerabilities database: VAR-202111-0609, VAR-202111-0579

Trust: 4.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 2, 2021, 4:48 p.m.
 Vulnerabilities: buffer overflow, use after free, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-1975, CVE-2021-1924, CVE-2021-1048, CVE-2021-0930, CVE-2021-0889, CVE-2021-0918, CVE-2021-0913

Cisco Patches Serious Vulnerabilities in Data Center Products | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202108-0311

Trust: 5.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 9, 2022, midnight
 Vulnerabilities: denial of service, improper access control, file upload issue...
Affected productsExternal IDs
vendor: cisco model: firepower
vendor: cisco model: nexus 9000 series
vendor: cisco model: device manager
vendor: cisco model: nx-os software
vendor: cisco model: nx-os
vendor: cisco model: routers
vendor: cisco model: nexus
vendor: cisco model: nexus 9000
vendor: cisco model: series
vendor: cisco model: application policy infrastructure controller
vendor: blackberry model: blackberry
db: NVD ids: CVE-2021-1577

Cisco Patches High-Severity DoS Vulnerabilities in ASA, FTD Software | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202110-1394, VAR-202110-1352

Trust: 4.5

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 16, 2022, midnight
 Vulnerabilities: directory traversal, denial of service, traversal attack...
Affected productsExternal IDs
vendor: cisco model: ios xr
vendor: cisco model: ios xe
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: adaptive security appliance
vendor: cisco model: ios xe software
vendor: cisco model: firepower management center
vendor: snort model: snort
db: NVD ids: CVE-2021-34783, CVE-2021-40116

Cisco Patches Critical Vulnerabilities in IOS XE Software | SecurityWeek.Com

Related entries in the VARIoT vulnerabilities database: VAR-202109-0245

Trust: 5.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 16, 2022, midnight
 Vulnerabilities: denial of service, buffer overflow, code execution
Affected productsExternal IDs
vendor: cisco model: catalyst 9800
vendor: cisco model: ios xe software
vendor: cisco model: sd-wan
vendor: cisco model: series integrated services routers
vendor: cisco model: cloud services router
vendor: cisco model: cloud services router 1000v
vendor: cisco model: integrated services routers
vendor: cisco model: routers
vendor: cisco model: ios xe
vendor: cisco model: catalyst
vendor: cisco model: 1000v
vendor: cisco model: series switches
vendor: cisco model: router
vendor: cisco model: access points
vendor: cisco model: series
db: NVD ids: CVE-2021-34770, CVE-2021-1619, CVE-2021-34727

Security Advisory - Improper Authorization Vulnerability in Some Huawei Products

Related entries in the VARIoT vulnerabilities database: VAR-202109-1642

Trust: 5.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 8, 2021, midnight
 Vulnerabilities: authorization vulnerability, code execution
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2021-37101

VMware issues details of emergency actions that need taking to address a critical security vulnerability

Trust: 4.75

Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 24, 2021, 8:35 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-22005