VARIoT latest news about IoT security

Auth Bypass Bug Exploited, Millions of Routers Affected \| Threatpost Related entries in the VARIoT vulnerabilities database: VAR-202101-0529, VAR-202108-1005, VAR-202105-1126, VAR-202104-0768 Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2020-29557, CVE-2021-34484, CVE-2021-31755, CVE-2021-1498, CVE-2021-20090, CVE-2021-22502, CVE-2021-22506, CVE-2021-1497

Cisco Patches Critical Bug With Public Exploit \| Threatpost Related entries in the VARIoT vulnerabilities database: VAR-202107-0426, VAR-202108-1005, VAR-202109-0622 Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-1585, CVE-2021-34484, CVE-2021-34746

Shift to Remote work increasing risk and vulnerability from unsecured IoT devices, says report - CXO DX Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Nov. 2, 2021, 7:38 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	palo alto networks
vendor:	palo	model:	networks
vendor:	palo	model:	palo alto networks

Ss7 hack github Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: security bypass, buffer overflow, brute force attack

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chrome
vendor:	google	model:	wifi
vendor:	linksys	model:	wrt54g
vendor:	zoom	model:	client
vendor:	zoom	model:	zoom
vendor:	wrt54g	model:	linksys

Realtek chips make routers and IoT devices from at least 65 manufacturers vulnerable Trust: 4.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	synology	model:	diskstation

NVD - CVE-2021-34792 Related entries in the VARIoT vulnerabilities database: VAR-202110-1377 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	asa_5580_firmware
vendor:	cisco	model:	adaptive_security_appliance
vendor:	cisco	model:	asa_5545-x_firmware
vendor:	cisco	model:	asa_5580
vendor:	cisco	model:	asa_5505_firmware
vendor:	cisco	model:	asa_5555-x_firmware
vendor:	cisco	model:	asa_5585-x
vendor:	cisco	model:	asa_5525-x_firmware
vendor:	cisco	model:	asa_5585-x_firmware
vendor:	cisco	model:	asa_5505
vendor:	cisco	model:	asa_5512-x_firmware
vendor:	cisco	model:	asa_5515-x_firmware

db:

NVD

ids:

CVE-2021-34792

Pegasus (spyware) - Wikipedia Related entries in the VARIoT vulnerabilities database: VAR-201608-0186, VAR-202108-1057, VAR-201608-0187, VAR-201608-0188 Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: information leak, memory corruption, code execution

Affected products

External IDs

vendor:	trend	model:	security
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone
vendor:	apple	model:	safari

db:

NVD

ids:

CVE-2016-4655, CVE-2021-30860, CVE-2016-4656, CVE-2016-4657

Blackberry Admits QNX OS Vulnerability Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 15, 2021, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

blackberry

model:

blackberry

iOS jailbreaking - Wikipedia Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: default password, memory corruption, privilege escalation

Affected products

External IDs

vendor:	essential	model:	phone
vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	ipad
vendor:	apple	model:	webkit
vendor:	apple	model:	apple tv
vendor:	apple	model:	mac os
vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone os
vendor:	apple	model:	macos
vendor:	apple	model:	iphone 3gs
vendor:	apple	model:	itunes
vendor:	apple	model:	safari
vendor:	apple	model:	mac os x
vendor:	apple	model:	iphone
vendor:	apple	model:	watch
vendor:	apple	model:	ipod touch

NVD - CVE-2021-20122 Related entries in the VARIoT vulnerabilities database: VAR-202110-0078, VAR-202104-0768 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 3, 2022, midnight	Vulnerabilities: authentication vulnerability, command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2021-20122, CVE-2021-20090

Our Shared Security: Responsibly Disclosing Competitor Vulnerabilities \| Ledger Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: side channel attack

Affected products	External IDs

No title Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	hewlett-packard company	model:	hewlett-packard company
vendor:	hewlett-packard company	model:	stream
vendor:	hewlett-packard	model:	hewlett-packard company
vendor:	hewlett-packard	model:	stream

Supply Chain Attacks on IoT - Million+ Devices Are Vulnerable \| by Zen Chan \| Technology Hits \| Medium Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, midnight	Vulnerabilities: buffer overflow, command injection

Affected products

External IDs

vendor:	netgear	model:	router
vendor:	realtek	model:	realtek sdk
vendor:	belkin	model:	router
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	asus	model:	wireless routers
vendor:	asus	model:	router
vendor:	asus	model:	asus
vendor:	d-link	model:	router

12 hardware and software vulnerabilities you should address now \| Computerworld Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: buffer overflow, cross-site scripting, code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	iphone

How Many IoT Devices Are There in 2021? [More than Ever!] Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	wifi
vendor:	google	model:	google home
vendor:	mesh	model:	mesh
vendor:	cisco	model:	series
vendor:	cisco	model:	routers

(PDF) A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices Related entries in the VARIoT vulnerabilities database: VAR-201909-1007, VAR-201909-1008 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2019-14896, CVE-2019-13473, CVE-2019-13474, CVE-2019-14897, CVE-2019-14901

Cybersecurity: a beginner's guide to secure medical device design \| Team Consulting Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 23, 2021, 8:39 a.m.	Vulnerabilities: brute force attack, denial of service

Affected products

External IDs

vendor:

trend

model:

security

Keeping the gate locked on your IoT devices: Vulnerabilities found on Amazon's Alexa - Check Point Research Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: code injection, code execution

Affected products

External IDs

vendor:	check point	model:	check point
vendor:	serve	model:	serve

Vulnerability DB \| Snyk Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: restriction bypass, session fixation, cross-site request forgery...

Affected products

External IDs

vendor:

jquery

model:

jquery

12 Online Free Tools to Scan Website Security Vulnerabilities & Malware Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: command injection, sql injection, os command injection...

Affected products	External IDs

VARIoT news about IoT security