Sign-up

VARIoT news about IoT security

New Chrome flaw leaks sensitive information across websites - your data could already be in the wrong hands | TechRadar

Trust: 3.75

Fetched: June 29, 2025, 9:52 a.m., Published: June 3, 2025, 5:31 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2025-4664

Notepad++ Vulnerability Lets Attackers Take Full System Control; PoC Released

Trust: 5.25

Fetched: June 29, 2025, 9:49 a.m., Published: June 2, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-49144

Two Local Privilege Escalation Flaws Discovered... " Linux Magazine

Trust: 5.25

Fetched: June 29, 2025, 9:46 a.m., Published: June 24, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-6019, CVE-2025-6018

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) | Ricoh South Africa

Trust: 3.25

Fetched: June 29, 2025, 9:46 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-51980, CVE-2024-51981, CVE-2024-51979, CVE-2024-51977, CVE-2024-51983, CVE-2024-51982, CVE-2024-51984, CVE-2024-2169, CVE-2017-9765

CitrixBleed 2 Vulnerability Now Under Active Attack Worldwide - Cyber Kendra

Trust: 4.5

Fetched: June 29, 2025, 9:46 a.m., Published: June 2, 2025, midnight
 Vulnerabilities: session hijacking
Affected productsExternal IDs
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
vendor: citrix model: gateway
db: NVD ids: CVE-2025-6543, CVE-2023-4966, CVE-2025-5777

Critical May 2025 Update for Google Pixel Devices: Why You Need to Install It Now - UNDERCODE NEWS

Trust: 3.5

Fetched: June 29, 2025, 9:45 a.m., Published: June 28, 2025, 5:41 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: essential model: phone
db: NVD ids: CVE-2025-27363

Your smart home could be working against you

Trust: 3.5

Fetched: June 29, 2025, 9:44 a.m., Published: June 27, 2025, 4:08 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

Securing Protected Health Information (PHI) in Healthcare IoT - Risks & Strategies

Trust: 3.75

Fetched: June 29, 2025, 9:44 a.m., Published: June 25, 2025, 7:10 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

Critical Vulnerability in Linux Kernel: blkdev_read_iter Functionality Issue

Trust: 3.0

Fetched: June 29, 2025, 9:38 a.m., Published: June 11, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-21832

Cisco Identity Services Engine Authorization Bypass Vulnerability

Trust: 3.0

Fetched: June 29, 2025, 9:38 a.m., Published: June 25, 2025, 3:58 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine

Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched - Help Net Security

Trust: 4.5

Fetched: June 29, 2025, 9:30 a.m., Published: June 29, 2025, 7:40 a.m.
 Vulnerabilities: directory traversal, security bypass
Affected productsExternal IDs
vendor: barracuda networks model: running
vendor: barracuda networks model: barracuda
vendor: sonicwall model: ssl-vpn
vendor: sonicwall model: soho
vendor: sonicwall model: netextender
vendor: barracuda model: running
vendor: barracuda model: barracuda
vendor: google model: home
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler adc
vendor: citrix model: gateway
db: NVD ids: CVE-2025-5777, CVE-2025-49144, CVE-2025-6218

iTWire - Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Trust: 4.5

Fetched: June 29, 2025, 9:29 a.m., Published: June 27, 2025, 11:28 a.m.
 Vulnerabilities: authentication bypass, buffer overflow, information leak...
Affected productsExternal IDs
db: NVD ids: CVE-2024-51980, CVE-2024-51981, CVE-2024-51979, CVE-2024-51977, CVE-2024-51983, CVE-2024-51982, CVE-2024-51984, CVE-2024-51978

Bluetooth Zero-Day Turns Millions of Headphones Into Surveillance Devices

Trust: 4.0

Fetched: June 29, 2025, 9:29 a.m., Published: June 27, 2025, 10:50 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: xiaomi model: redmi
db: NVD ids: CVE-2025-20701, CVE-2025-20700, CVE-2025-20702

Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability - Cisco

Trust: 5.0

Fetched: June 29, 2025, 9:28 a.m., Published: June 18, 2025, 11:53 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: vpn client
vendor: cisco model: series
vendor: cisco model: meraki mx
vendor: cisco model: meraki mx firmware
vendor: cisco model: anyconnect vpn client

Multiple Brother Devices: Multiple Vulnerabilities (FIXED) - Rapid7 Blog

Trust: 4.5

Fetched: June 29, 2025, 9:27 a.m., Published: June 25, 2025, midnight
 Vulnerabilities: authentication bypass, buffer overflow, information leak...
Affected productsExternal IDs
db: NVD ids: CVE-2024-51980, CVE-2024-51981, CVE-2024-51979, CVE-2024-51977, CVE-2024-51983, CVE-2024-51982, CVE-2024-51984, CVE-2024-51978

Multiple Brother Devices: Multiple Vulnerabilities (FIXED) - Cyber Security Review

Trust: 4.5

Fetched: June 29, 2025, 9:26 a.m., Published: June 25, 2025, 7:10 a.m.
 Vulnerabilities: authentication bypass, code execution
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
vendor: cisco model: netscaler gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler adc
vendor: citrix model: gateway
db: NVD ids: CVE-2025-20281, CVE-2025-4365, CVE-2024-6235, CVE-2025-6543, CVE-2024-51978, CVE-2025-5309

Some Brother printers have a remote code execution vulnerability, and they can’t fix it | CSO Online

Trust: 4.75

Fetched: June 29, 2025, 9:26 a.m., Published: June 27, 2025, midnight
 Vulnerabilities: request forgery, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-51980, CVE-2024-51981, CVE-2024-51984

Download photos or videos to your device - Computer - Google Photos Help

Trust: 3.0

Fetched: June 29, 2025, 9:15 a.m., Published: Dec. 29, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome

CVE-2025-49196 : Deprecated TLS Version Vulnerability in SICK Devices

Trust: 3.25

Fetched: June 27, 2025, 11:18 a.m., Published: June 12, 2025, 2:20 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-49196

Remote Work Cybersecurity Statistics 2025: VPN, Shadow IT, etc. - SQ Magazine

Trust: 3.75

Fetched: June 27, 2025, 11:13 a.m., Published: June 26, 2025, 6:04 a.m.
 Vulnerabilities: session hijacking
Affected productsExternal IDs
vendor: google model: home