Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

Apple Warns of Zero-day Vulnerability Exploited in Attack (CVE-2025-43529) - Qualys ThreatPROTECT

Trust: 5.5

Fetched: Dec. 23, 2025, 9:38 a.m., Published: -
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: safari
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: iphone
vendor: google model: chrome
db: NVD ids: CVE-2025-41474, CVE-2025-43529

Fortinet vulnerabilities prompt pre-holiday warnings | Computer Weekly

Trust: 5.5

Fetched: Dec. 23, 2025, 9:37 a.m., Published: Dec. 18, 2025, midnight
 Vulnerabilities: privilege escalation, input validation vulnerability, authentication bypass
Affected productsExternal IDs
vendor: sonicwall model: sma1000
vendor: asus model: asus
vendor: cisco model: asyncos
vendor: cisco model: asyncos software
vendor: cisco model: series
db: NVD ids: CVE-2025-40602, CVE-2025-59719, CVE-2025-20393, CVE-2025-59718, CVE-2025-69374

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

Trust: 4.5

Fetched: Dec. 23, 2025, 9:37 a.m., Published: Dec. 19, 2025, 11:23 a.m.
 Vulnerabilities: process crash
Affected productsExternal IDs
vendor: watchguard model: fireware
vendor: watchguard model: watchguard fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-9242, CVE-2025-59718, CVE-2025-59719, CVE-2025-14733

China-nexus Campaign Exploits CVE-2025-20393 in Cisco Email Security Devices

Trust: 6.0

Fetched: Dec. 23, 2025, 9:36 a.m., Published: Dec. 23, 9686, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco email security appliance
vendor: cisco model: content security management appliance
vendor: cisco model: email security appliance
vendor: cisco model: cisco content security management appliance
vendor: cisco model: nexus
vendor: cisco model: management appliance
db: NVD ids: CVE-2025-20393

Early-Boot Attack: UEFI Flaw in ASRock, ASUS, & MSI Boards Lets Hackers Bypass OS Security via PCIe

Trust: 5.0

Fetched: Dec. 23, 2025, 9:36 a.m., Published: Dec. 19, 2025, 12:22 a.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: asus model: asus
db: NVD ids: CVE-2025-14304, CVE-2025-14302, CVE-2025-14303, CVE-2025-11901

125,000 IPs WatchGuard Firebox Devices Exposed to Internet Vulnerable to

Trust: 5.5

Fetched: Dec. 23, 2025, 9:35 a.m., Published: Dec. 22, 2025, 3:32 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: watchguard model: watchguard fireware
vendor: watchguard model: fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-14733

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719 exploited in the wild - Cyber Security Review

Trust: 4.75

Fetched: Dec. 23, 2025, 9:35 a.m., Published: Dec. 18, 2025, 7:14 a.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: schneider electric model: monitor
vendor: google model: home
vendor: palo model: firewall
vendor: schneider model: monitor
db: NVD ids: CVE-2025-59718, CVE-2025-59719

WatchGuard 0-day Vulnerability Exploited in the Wild to Hijack Firewalls

Trust: 3.75

Fetched: Dec. 23, 2025, 9:34 a.m., Published: Dec. 19, 2025, 2:56 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-14733

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability - Vulert

Trust: 5.25

Fetched: Dec. 23, 2025, 9:34 a.m., Published: Dec. 22, 2025, 8:12 a.m.
 Vulnerabilities: authentication vulnerability, code execution
Affected productsExternal IDs
vendor: watchguard model: watchguard fireware
vendor: watchguard model: fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-9242, CVE-2025-14733

CVE-2025-68335 - comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() - SecAlerts

Trust: 3.75

Fetched: Dec. 23, 2025, 9:33 a.m., Published: -
 Vulnerabilities: kernel crash
Affected productsExternal IDs
db: NVD ids: CVE-2025-68335

Update your iPhone now - Apple patches two iOS zero days used in the wild by hackers | Tom's Guide

Trust: 5.5

Fetched: Dec. 23, 2025, 9:32 a.m., Published: Dec. 15, 2025, 6:07 p.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: software update
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: apple tv
vendor: apple model: watch
vendor: google model: chrome
db: NVD ids: CVE-2025-14174, CVE-2025-43529

How To Use AI To Audit Your Home Wi-Fi Network For Hidden Bandwidth Hogs And IoT Device Vulnerabilities

Trust: 4.5

Fetched: Dec. 23, 2025, 9:32 a.m., Published: Dec. 20, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: note
vendor: samsung model: mobile
vendor: philips hue model: hue bridge
vendor: philips model: hue bridge
vendor: tp-link model: routers
vendor: wireshark model: wireshark
db: NVD ids: CVE-2022-28799

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719 exploited in the wild - Cyber Security Review

Trust: 6.0

Fetched: Dec. 23, 2025, 9:31 a.m., Published: Dec. 18, 2025, 7:14 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: email security
db: NVD ids: CVE-2025-37164, CVE-2018-0802, CVE-2025-59718, CVE-2025-59719

CVE-2025-68335 - comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()

Trust: 5.0

Fetched: Dec. 23, 2025, 9:31 a.m., Published: Dec. 22, 2025, 5:16 p.m.
 Vulnerabilities: kernel crash
Affected productsExternal IDs
db: NVD ids: CVE-2025-68335

CVE-2025-65856 - Xiongmai XM530 IP Camera Authentication Bypass

Trust: 7.0

Fetched: Dec. 23, 2025, 9:31 a.m., Published: Dec. 22, 2025, 10:16 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: xiongmai model: ip cameras
db: NVD ids: CVE-2025-65856

🚨 Cisco Secure Email Devices Exposed to Actively Exploited Zero-Day Vulnerability (CVE-2025-20393)

Trust: 3.0

Fetched: Dec. 23, 2025, 9:30 a.m., Published: Dec. 3, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-20393

New Bluetooth Vulnerability Could Allow Hackers to Control Android, Linux, macOS, and iOS Devices - Breach Spot

Trust: 4.75

Fetched: Dec. 23, 2025, 9:30 a.m., Published: Dec. 22, 2025, 10:45 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: apple model: macos
vendor: google model: android
db: NVD ids: CVE-2024-21306, CVE-2024-0230, CVE-2023-45866

iOS 26.2 Security Alert: Two Zero-Day Exploits Fixed << Apple :: Gadget Hacks

Trust: 4.25

Fetched: Dec. 23, 2025, 9:29 a.m., Published: Dec. 19, 2025, 4:41 a.m.
 Vulnerabilities: integer overflow, memory corruption
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
db: NVD ids: CVE-2025-14174, CVE-2025-43529

Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities

Trust: 5.75

Fetched: Dec. 23, 2025, 9:28 a.m., Published: Dec. 4, 2025, 2:23 p.m.
 Vulnerabilities: cross-site scripting, information disclosure
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
db: NVD ids: CVE-2025-20303, CVE-2025-20304, CVE-2025-20289, CVE-2025-20305

WatchGuard Addresses Actively Exploited Firewall Zero-Day Vulnerability - Breach Spot

Trust: 3.75

Fetched: Dec. 23, 2025, 9:28 a.m., Published: Dec. 22, 2025, 5:45 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: watchguard model: fireware
vendor: watchguard model: watchguard fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-14733