VARIoT latest news about IoT security

Akira Ransomware Exploits SonicWall SMA100 Vulnerabilities: What You Need to Know \| Bitsight Related entries in the VARIoT vulnerabilities database: VAR-202507-3132, VAR-202507-3117, VAR-202507-3108 Trust: 5.5 Fetched: Aug. 10, 2025, 9:23 a.m., Published: Aug. 10, 2025, midnight	Vulnerabilities: buffer overflow, privilege escalation, denial of service...

Affected products

External IDs

vendor:	sonicwall	model:	sma100
vendor:	sonicwall	model:	ssl vpn

db:

NVD

ids:

CVE-2025-40597, CVE-2025-40598, CVE-2025-40599, CVE-2025-40596

Critical Android vulnerabilities patched-update as soon as you can \| Malwarebytes Trust: 5.75 Fetched: Aug. 10, 2025, 9:22 a.m., Published: Aug. 5, 2025, 2:21 p.m.	Vulnerabilities: code execution, command execution, memory corruption

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2025-48530, CVE-2025-21479

SonicWall SSLVPN Vulnerability on Gen 7 Devices Trust: 3.5 Fetched: Aug. 10, 2025, 9:22 a.m., Published: Aug. 7, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	sonicwall	model:	remote access
vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	ssl vpn

db:

NVD

ids:

CVE-2024-40766

Yealink IP Phones Vulnerabilities: Urgent Security Fixes for Business Communication Devices \| Windows Forum Trust: 4.5 Fetched: Aug. 10, 2025, 9:21 a.m., Published: Aug. 7, 2025, 4:10 p.m.	Vulnerabilities: information disclosure, certificate validation issue, session hijacking

Affected products

External IDs

vendor:

yealink

model:

hardware

db:

NVD

ids:

CVE-2025-52917, CVE-2025-52919, CVE-2025-52916, CVE-2025-52918

Critical Firmware Loading Vulnerability in Linux Kernel - CVE-2025-38420 Trust: 3.25 Fetched: Aug. 10, 2025, 9:21 a.m., Published: Aug. 11, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-38420

Multiple flaws found in TETRA radio systems, exposing law enforcement, military, critical infrastructure communications - Industrial Cyber Trust: 4.75 Fetched: Aug. 10, 2025, 9:20 a.m., Published: Aug. 8, 2025, 9:51 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:

motorola

model:

motorola

db:

NVD

ids:

CVE-2025-52942, CVE-2025-52944, CVE-2022-24401, CVE-2025-52941, CVE-2025-8458, CVE-2025-52945, CVE-2025-52943, CVE-2025-52940

Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks Trust: 5.25 Fetched: Aug. 10, 2025, 9:19 a.m., Published: Aug. 6, 2025, 3:45 a.m.	Vulnerabilities: code execution, buffer overflow, information leakage

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2025-25215, CVE-2025-24919, CVE-2025-24922, CVE-2025-24311, CVE-2025-25050

CISA Alerts on Ongoing Exploits Targeting D-Link Device Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202211-1888, VAR-202009-0782, VAR-202009-0783 Trust: 4.75 Fetched: Aug. 10, 2025, 9:15 a.m., Published: Aug. 6, 2025, 6 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	d-link	model:	dcs-2670l
vendor:	d-link	model:	dnr-322l
vendor:	d-link	model:	dcs-2530l
vendor:	trend	model:	security

db:

NVD

ids:

CVE-2022-40799, CVE-2020-25078, CVE-2020-25079

Attacker could defeat Dell firmware flaws with a vegetable \| Computer Weekly Trust: 4.5 Fetched: Aug. 10, 2025, 9:14 a.m., Published: Aug. 5, 2025, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	dell	model:	bios
vendor:	dell	model:	latitude
vendor:	cisco	model:	device manager
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2025-25215, CVE-2025-24919, CVE-2025-24922, CVE-2025-24311, CVE-2025-25050

Millions of Dell laptops at risk due to Broadcom chip security flaw - here's how you can stay safe \| TechRadar Trust: 3.75 Fetched: Aug. 10, 2025, 9:13 a.m., Published: Aug. 6, 2025, 11:31 a.m.	Vulnerabilities: code execution

Affected products	External IDs

Millions of Dell PCs with Broadcom chips open to attack • The Register Trust: 4.5 Fetched: Aug. 10, 2025, 9:12 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2025-25215, CVE-2025-24919, CVE-2025-24922, CVE-2025-24311, CVE-2025-25050

Download photos or videos to your device - Computer - Google Photos Help Trust: 3.0 Fetched: Aug. 8, 2025, 6:04 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

chrome

Download apps & digital content - Google Play Help Trust: 3.0 Fetched: Aug. 8, 2025, 6:03 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Download and install Google Chrome - Computer - Google Chrome Help Trust: 3.0 Fetched: Aug. 8, 2025, 6:02 p.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

About the security content of iOS 18.6 and iPadOS 18.6 - Apple Support Trust: 5.25 Fetched: Aug. 5, 2025, 9:37 a.m., Published: Aug. 18, 2025, midnight	Vulnerabilities: input validation issue, memory corruption, bounds access issue

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2025-31276, CVE-2025-43234, CVE-2025-43202, CVE-2025-43221, CVE-2025-43216, CVE-2025-31281, CVE-2025-6558, CVE-2025-43230, CVE-2025-43277, CVE-2025-7424, CVE-2025-7425, CVE-2025-43217, CVE-2025-43223, CVE-2025-43212, CVE-2025-43224, CVE-2025-43214, CVE-2025-31229, CVE-2025-43227, CVE-2025-43265, CVE-2025-43213, CVE-2025-43211, CVE-2025-43186, CVE-2025-43210, CVE-2025-43228, CVE-2025-43209, CVE-2025-31273, CVE-2025-31278, CVE-2025-43226, CVE-2025-31277

CVE-2025-30133: Device Pairing Bypass Vulnerability in IROAD Dashcam FX2 Devices - Cybersecurity Exploit Tracker by Ameeba Trust: 5.0 Fetched: Aug. 5, 2025, 9:36 a.m., Published: Nov. 30, 0001, midnight	Vulnerabilities: default password

Affected products

External IDs

db:

NVD

ids:

CVE-2025-30133

Critical SonicWall SSL VPN Flaw Allows Attackers to Launch DoS Attacks on Firewalls Trust: 4.75 Fetched: Aug. 5, 2025, 9:22 a.m., Published: July 30, 2025, 11:55 a.m.	Vulnerabilities: format string vulnerability, service disruption

Affected products

External IDs

vendor:	sonicwall	model:	ssl-vpn
vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	sma 100
vendor:	sonicwall	model:	ssl vpn

db:

NVD

ids:

CVE-2025-40600

CVE-2025-31700: Dahua Network Device Vulnerability - DEC Solutions Group Trust: 5.0 Fetched: Aug. 5, 2025, 9:21 a.m., Published: July 23, 2025, 9:20 a.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

db:

NVD

ids:

CVE-2025-31700

Güralp Systems Güralp FMUS series \| CISA Trust: 3.0 Fetched: Aug. 5, 2025, 9:20 a.m., Published: Aug. 1, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-8286

Get started with Google Maps - Android - Google Maps Help Trust: 3.0 Fetched: Aug. 5, 2025, 9:11 a.m., Published: May 5, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

VARIoT news about IoT security