Sign-up

VARIoT news about IoT security

CVE-2025-31219 Race Condition Vulnerability in Apple’s XNU Kernel - TheCyberThrone

Related entries in the VARIoT vulnerabilities database: VAR-202108-1374

Trust: 5.5

Fetched: May 28, 2025, 9:05 a.m., Published: May 24, 2025, 1:01 p.m.
 Vulnerabilities: privilege escalation, code execution, memory corruption
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xr
vendor: cisco model: cisco ios xr
vendor: apple model: macos
vendor: apple model: tvos
vendor: apple model: watchos
vendor: google model: android
db: NVD ids: CVE-2021-0920, CVE-2022-20821, CVE-2021-1048, CVE-2025-31219, CVE-2021-30869

CVE-2025-41651 - Cisco Device Remote Command Execution Vulnerability

Trust: 5.0

Fetched: May 28, 2025, 9:05 a.m., Published: May 27, 2025, 9:15 a.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-41651

Arm Mali GPU Vulnerability Enables Bypass of MTE and Arbitrary Kernel Code Execution

Trust: 5.25

Fetched: May 28, 2025, 9:05 a.m., Published: May 27, 2025, 10:42 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-0072

Cisco security flaw exploited to build botnet of thousands of devices | TechRadar

Related entries in the VARIoT vulnerabilities database: VAR-202304-1067

Trust: 4.75

Fetched: May 28, 2025, 9:04 a.m., Published: May 27, 2025, 6:34 p.m.
 Vulnerabilities: improper validation
Affected productsExternal IDs
vendor: asus model: router
vendor: asus model: routers
vendor: asus model: asus
vendor: cisco model: router
vendor: cisco model: rv082
vendor: cisco model: rv325
vendor: cisco model: cisco routers
vendor: cisco model: routers
vendor: cisco model: rv042g
vendor: cisco model: small business
vendor: cisco model: cisco small business
vendor: cisco model: rv320
vendor: cisco model: rv016
vendor: cisco model: rv042
db: NVD ids: CVE-2023-20118

CVE-2025-3078 : Passback Vulnerability Affecting Production Printers and Office Multifunction Devices by Canon

Trust: 3.25

Fetched: May 27, 2025, 9:30 a.m., Published: May 20, 2025, 12:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-3078

Multiple Vulnerabilities in SonicWall Secure Mobile Access (SMA) 100 Series Management Interface Could Allow for Remote Code Execution

Trust: 5.0

Fetched: May 27, 2025, 9:30 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: secure mobile access

Update Canonical Ubuntu Server: USN-7491-1: Linux kernel (OEM) vulnerabilities

Trust: 4.25

Fetched: May 27, 2025, 9:29 a.m., Published: Jan. 27, 7491, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-21813, CVE-2025-21902

CVE-2025-5145 : Command Injection Vulnerability in Netcore Networking Devices

Trust: 4.5

Fetched: May 27, 2025, 9:28 a.m., Published: May 25, 2025, 5:31 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-5145

CVE-2025-20182: Critical Vulnerability in Cisco Device Software Allows DoS Attacks - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.75

Fetched: May 27, 2025, 9:28 a.m., Published: May 17, 2025, 9:22 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios software
vendor: cisco model: cisco ios xe
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: adaptive security appliance
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: ios xe software
db: NVD ids: CVE-2025-20182

AutomationDirect MB-Gateway | CISA

Trust: 5.0

Fetched: May 27, 2025, 9:27 a.m., Published: May 1, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-36535

U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog - ITSecurityNewsBox

Related entries in the VARIoT vulnerabilities database: VAR-202406-0975

Trust: 5.5

Fetched: May 27, 2025, 9:26 a.m., Published: May 8, 2025, midnight
 Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
vendor: broadcom model: brocade fabric os
vendor: brocade model: fabric os
vendor: brocade model: brocade fabric os
db: NVD ids: CVE-2024-11120, CVE-2024-6047

Common Medical Device Communication Protocols - BMR TechWorks

Trust: 4.0

Fetched: May 27, 2025, 9:26 a.m., Published: May 15, 2025, 9:52 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

CVE-2025-41645 - D-Link Device Hijacking Vulnerability - DevStackTips

Trust: 3.25

Fetched: May 27, 2025, 9:25 a.m., Published: May 13, 2025, 12:41 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-41645

What is Ethical Hacking? | IBM

Trust: 3.75

Fetched: May 27, 2025, 9:25 a.m., Published: Oct. 20, 2023, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: wireshark model: wireshark

SSA-864900

Trust: 4.25

Fetched: May 27, 2025, 9:25 a.m., Published: May 1, 2025, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-32122, CVE-2024-52963

Cisco Identity Services Engine RADIUS Denial of Service Vulnerability - Cisco

Trust: 3.75

Fetched: May 27, 2025, 9:24 a.m., Published: May 21, 2025, 11:40 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine

CVE-2025-31204: Memory Corruption Vulnerability in Multiple Apple Operating Systems - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.75

Fetched: May 27, 2025, 9:24 a.m., Published: May 18, 2025, 5:24 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: tvos
vendor: apple model: mac os x
vendor: apple model: watchos
vendor: apple model: mac os
db: NVD ids: CVE-2025-31204

ViciousTrap Exploits Cisco Vulnerability to Create Global Honeypot with 5,300 Infected Devices - cloudindustryreview.com

Trust: 3.5

Fetched: May 27, 2025, 9:22 a.m., Published: May 23, 2025, 1:04 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco systems model: ios software
vendor: cisco systems model: routers
vendor: cisco systems model: cisco ios
vendor: trend model: antivirus
vendor: trend model: security
vendor: cisco model: ios software
vendor: cisco model: routers
vendor: cisco model: cisco ios

10 Security Tips for IoT Devices | GeeksforGeeks

Trust: 4.75

Fetched: May 27, 2025, 9:22 a.m., Published: May 26, 2020, 6:20 p.m.
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: essential model: phone

Exposed and Exploited: The Growing Danger of Edge Device Attacks in India’s Critical Systems - Business Micro

Trust: 3.75

Fetched: May 27, 2025, 9:21 a.m., Published: May 27, 2025, 4:43 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security
vendor: asus model: routers
vendor: asus model: asus
vendor: mikrotik model: routers
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: mikrotik
vendor: check point model: check point
vendor: cisco model: routers