VARIoT latest news about IoT security

No title Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	hewlett-packard company	model:	hewlett-packard company
vendor:	hewlett-packard company	model:	stream
vendor:	hewlett-packard	model:	hewlett-packard company
vendor:	hewlett-packard	model:	stream

Supply Chain Attacks on IoT - Million+ Devices Are Vulnerable \| by Zen Chan \| Technology Hits \| Medium Trust: 4.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 18, 2021, midnight	Vulnerabilities: buffer overflow, command injection

Affected products

External IDs

vendor:	netgear	model:	router
vendor:	realtek	model:	realtek sdk
vendor:	belkin	model:	router
vendor:	google	model:	wifi
vendor:	google	model:	home
vendor:	asus	model:	wireless routers
vendor:	asus	model:	router
vendor:	asus	model:	asus
vendor:	d-link	model:	router

12 hardware and software vulnerabilities you should address now \| Computerworld Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: buffer overflow, cross-site scripting, code execution

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	apple	model:	iphone

How Many IoT Devices Are There in 2021? [More than Ever!] Trust: 3.25 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	wifi
vendor:	google	model:	google home
vendor:	mesh	model:	mesh
vendor:	cisco	model:	series
vendor:	cisco	model:	routers

(PDF) A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices Related entries in the VARIoT vulnerabilities database: VAR-201909-1007, VAR-201909-1008 Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2019-14896, CVE-2019-13473, CVE-2019-13474, CVE-2019-14897, CVE-2019-14901

Cybersecurity: a beginner's guide to secure medical device design \| Team Consulting Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Sept. 23, 2021, 8:39 a.m.	Vulnerabilities: brute force attack, denial of service

Affected products

External IDs

vendor:

trend

model:

security

Keeping the gate locked on your IoT devices: Vulnerabilities found on Amazon's Alexa - Check Point Research Trust: 4.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: code injection, code execution

Affected products

External IDs

vendor:	check point	model:	check point
vendor:	serve	model:	serve

Vulnerability DB \| Snyk Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: restriction bypass, session fixation, cross-site request forgery...

Affected products

External IDs

vendor:

jquery

model:

jquery

12 Online Free Tools to Scan Website Security Vulnerabilities & Malware Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: command injection, sql injection, os command injection...

Affected products	External IDs

10 Web Security Vulnerabilities You Can Prevent \| Toptal Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 10, 2022, midnight	Vulnerabilities: sql injection, session hijacking, request forgery...

Affected products

External IDs

vendor:

serve

model:

serve

Dissection of Winbox critical vulnerability - n0p Blog Related entries in the VARIoT vulnerabilities database: VAR-201808-0384 Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	mikrotik	model:	mikrotik router
vendor:	mikrotik	model:	winbox
vendor:	mikrotik	model:	routeros
vendor:	mikrotik	model:	mikrotik
vendor:	mikrotik	model:	routers
vendor:	mikrotik	model:	router
vendor:	cisco	model:	routers
vendor:	cisco	model:	router

db:

NVD

ids:

CVE-2018-14847

Column \| Destigmatizing Medical Device Vulnerability Disclosures to Improve Healthcare Cybersecurity - MedTech Intelligence Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	macbook
vendor:	apple	model:	safari
vendor:	apple	model:	ipad
vendor:	apple	model:	macbook air
vendor:	apple	model:	iphone
vendor:	apple	model:	apple tv
vendor:	google	model:	android
vendor:	google	model:	home

db:

ICS CERT

ids:

ICSMA-20-049-02, ICSMA-20-023-01

Industrial Internet Of Things (IoT) Identifying The Vulnerabilities Of Field Devices Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: data injection

Affected products

External IDs

vendor:	serve	model:	serve
vendor:	rapid	model:	scada

What is Vulnerability Assessment? Testing Process, VAPT Scan Tool Trust: 3.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Dec. 27, 2021, 8:32 a.m.	Vulnerabilities: sql injection, cross-site scripting

Affected products

External IDs

vendor:

wireshark

model:

wireshark

NVD - CVE-2021-41503 Related entries in the VARIoT vulnerabilities database: VAR-202109-1107 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Jan. 1, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	d-link	model:	dcs-5000l_firmware
vendor:	d-link	model:	dcs-5000l
vendor:	d-link	model:	dcs-932l
vendor:	d-link	model:	dcs-932l_firmware
vendor:	dlink	model:	dcs-5000l_firmware
vendor:	dlink	model:	dcs-5000l
vendor:	dlink	model:	dcs-932l
vendor:	dlink	model:	dcs-932l_firmware

db:

NVD

ids:

CVE-2021-41503

Dahua Authentication Bypass ≈ Packet Storm Related entries in the VARIoT vulnerabilities database: VAR-202109-1875, VAR-202109-1874 Trust: 3.75 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 6, 2021, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2021-33044, CVE-2021-33045

Fixing the authentication bypass vulnerability affecting REST APIs \| ManageEngine ADSelfService Plus Trust: 4.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: code execution, authentication bypass, command execution...

Affected products

External IDs

db:

NVD

ids:

CVE-2021-40539

NVD - CVE-2021-1587 Trust: 5.5 Fetched: Nov. 4, 2021, 1:02 p.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	cisco systems
vendor:	cisco	model:	nexus_3000
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	nexus_3048
vendor:	cisco systems	model:	nx-os software
vendor:	cisco systems	model:	nx-os
vendor:	cisco systems	model:	cisco systems
vendor:	cisco systems	model:	nexus_3000
vendor:	cisco systems	model:	cisco nx-os
vendor:	cisco systems	model:	nexus_3048

db:

NVD

ids:

CVE-2021-1587

Cisco Nexus 9500 Series Switches Access Control List Bypass Vulnerability - Cisco Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Oct. 15, 2021, 3:35 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	series switches
vendor:	cisco	model:	nexus 9000 series
vendor:	cisco	model:	nexus 3000
vendor:	cisco	model:	nexus 9500
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	nexus 9000
vendor:	cisco	model:	nexus 1000v
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	nexus
vendor:	cisco	model:	series
vendor:	cisco	model:	nexus 7000
vendor:	cisco	model:	1000v

Millions of Web Camera and Baby Monitor Feeds Are Exposed \| WIRED Trust: 3.0 Fetched: Nov. 4, 2021, 1:02 p.m., Published: Aug. 17, 2021, noon	Vulnerabilities: code execution

Affected products	External IDs

VARIoT news about IoT security