Sign-up

VARIoT news about IoT security

Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability

Trust: 5.0

Fetched: July 11, 2025, 9:29 a.m., Published: June 18, 2025, 3:56 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: meraki mx firmware
vendor: cisco model: anyconnect vpn client
vendor: cisco model: vpn client
vendor: cisco model: series
vendor: cisco model: meraki mx

CVE-2025-27025: High-Risk Directory Traversal Vulnerability Due to Unsecure TCP Port Endpoint Access - Cybersecurity Exploit Tracker by Ameeba

Trust: 4.75

Fetched: July 11, 2025, 9:28 a.m., Published: July 8, 2025, 7:59 a.m.
 Vulnerabilities: directory traversal, traversal attack
Affected productsExternal IDs
db: NVD ids: CVE-2025-27025

New PerfektBlue Attack Exposes Millions of Cars to Remote Hacking

Trust: 3.75

Fetched: July 11, 2025, 9:28 a.m., Published: July 10, 2025, 11:47 a.m.
 Vulnerabilities: code execution, memory corruption, improper validation
Affected productsExternal IDs
db: NVD ids: CVE-2024-45431, CVE-2024-45434, CVE-2024-45433, CVE-2024-45432

Phoenix Contact device vulnerabilities: Find affected assets

Trust: 3.5

Fetched: July 11, 2025, 9:11 a.m., Published: July 11, 2025, 1:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: phoenix contact model: axc f 2152
vendor: phoenix contact model: plcnext
vendor: phoenix model: contact axc f
db: NVD ids: CVE-2025-41668, CVE-2025-41666, CVE-2025-41667, CVE-2025-41665

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks - Ars Technica

Trust: 3.75

Fetched: July 11, 2025, 9:09 a.m., Published: July 9, 2025, 2:18 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: comcast model: xfinity
vendor: citrix model: netscaler application delivery controller
vendor: citrix model: application delivery controller
vendor: citrix model: gateway
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler
vendor: xfinity model: gateway
db: NVD ids: CVE-2023-4966, CVE-2025-5777

Copy apps & data from an Android to a new Android device - Android Help

Trust: 3.0

Fetched: July 11, 2025, 9:09 a.m., Published: July 8, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Invisible UI Trick: The Latest TapTrap Exploit on Android Devices

Trust: 3.0

Fetched: July 9, 2025, 9:58 a.m., Published: July 9, 2025, 5:14 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

CVE-2025-6881: Critical Buffer Overflow Vulnerability in D-Link DI-8100 - Cybersecurity Exploit Tracker by Ameeba

Related entries in the VARIoT vulnerabilities database: VAR-202506-3348

Trust: 5.0

Fetched: July 9, 2025, 9:56 a.m., Published: July 5, 2025, 3:29 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-6881

Update Canonical Ubuntu Desktop: USN-7612-1: Flask-CORS vulnerabilities

Trust: 4.0

Fetched: July 9, 2025, 9:55 a.m., Published: Jan. 9, 7612, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-6866, CVE-2024-6844, CVE-2024-6839, CVE-2024-6221, CVE-2024-1681

CVE-2025-41224 : Access Control Vulnerability in RUGGEDCOM Network Devices by Siemens

Trust: 5.0

Fetched: July 9, 2025, 9:55 a.m., Published: July 8, 2025, 10:35 a.m.
 Vulnerabilities: access control vulnerability
Affected productsExternal IDs
vendor: siemens model: ruggedcom
db: NVD ids: CVE-2025-41224

Update Canonical Ubuntu Desktop: USN-7615-1: ClamAV vulnerabilities

Trust: 5.75

Fetched: July 9, 2025, 9:54 a.m., Published: Jan. 9, 7615, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: clamav model: clamav
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-20234, CVE-2025-20260

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) | Ricoh Finland

Trust: 3.25

Fetched: July 9, 2025, 9:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-51977, CVE-2024-51982, CVE-2024-2169, CVE-2024-51981, CVE-2024-51979, CVE-2017-9765, CVE-2024-51980, CVE-2024-51984, CVE-2024-51983

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) | Ricoh Sverige

Trust: 3.25

Fetched: July 9, 2025, 9:50 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-51977, CVE-2024-51982, CVE-2024-2169, CVE-2024-51981, CVE-2024-51979, CVE-2017-9765, CVE-2024-51980, CVE-2024-51984, CVE-2024-51983

Understanding and Addressing Linux Vulnerabilities | LinuxVox.com

Trust: 3.75

Fetched: July 9, 2025, 9:49 a.m., Published: July 9, 2025, midnight
 Vulnerabilities: privilege escalation, sql injection, buffer overflow
Affected productsExternal IDs

CVE-2025-5484: Widespread Vulnerability in SinoTrack Device Management Interface - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.0

Fetched: July 9, 2025, 9:48 a.m., Published: June 22, 2025, 1:12 a.m.
 Vulnerabilities: default password
Affected productsExternal IDs
db: NVD ids: CVE-2025-5484

Navigating Danger: Qualcomm GPS Vulnerability CVE-2025-21450 Exposes Devices to Critical MitM Attacks - ZeroPath Blog

Trust: 4.75

Fetched: July 9, 2025, 9:48 a.m., Published: July 9, 2025, midnight
 Vulnerabilities: memory corruption, denial of service, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2016-5341, CVE-2025-21450

Update Canonical Ubuntu Desktop: USN-7620-1: File::Find::Rule vulnerability

Trust: 3.0

Fetched: July 9, 2025, 9:47 a.m., Published: Jan. 9, 7620, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

July 2025 Patch Tuesday: 130 Vulnerabilities Addressed

Trust: 4.0

Fetched: July 9, 2025, 9:40 a.m., Published: July 9, 2025, 9:05 a.m.
 Vulnerabilities: code execution, privilege escalation, information leak
Affected productsExternal IDs
db: NVD ids: CVE-2025-47981, CVE-2025-49696, CVE-2025-48001, CVE-2025-49735, CVE-2025-49697, CVE-2025-49719, CVE-2025-48822, CVE-2025-49695

Update Canonical Ubuntu Desktop: USN-7617-1: libtpms vulnerability

Trust: 4.25

Fetched: July 9, 2025, 9:39 a.m., Published: Jan. 9, 7617, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

MediaTek July 2025 Security Patch Addresses Multiple Vulnerabilities Across Range of Chipsets

Trust: 4.75

Fetched: July 9, 2025, 9:38 a.m., Published: July 8, 2025, 2:51 p.m.
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2025-20684, CVE-2025-20695, CVE-2025-20688, CVE-2025-20694, CVE-2025-20681, CVE-2025-20686, CVE-2025-20680, CVE-2025-20685, CVE-2025-20692, CVE-2025-20687