Sign-up

VARIoT news about IoT security

What Is End-to-End Encryption? | IBM

Trust: 3.0

Fetched: May 27, 2025, 9:21 a.m., Published: Sept. 22, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

AutomationDirect Modbus Gateway vulnerability: Find affected assets

Trust: 3.0

Fetched: May 27, 2025, 9:19 a.m., Published: May 27, 2025, 3:44 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-0994

Check Point Software: Edge Devices Become Primary Targets in Cyberattacks

Trust: 3.75

Fetched: May 27, 2025, 9:19 a.m., Published: May 27, 2025, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security
vendor: asus model: routers
vendor: asus model: asus
vendor: mikrotik model: routers
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: mikrotik
vendor: check point model: check point
vendor: cisco model: routers

Critical Hitachi Energy ICS Vulnerability: Buffer Overflow Risks in Power Grid Control Devices | Windows Forum

Trust: 5.5

Fetched: May 27, 2025, 9:16 a.m., Published: May 27, 2025, midnight
 Vulnerabilities: code execution, denial of service, buffer overflow...
Affected productsExternal IDs
db: NVD ids: CVE-2023-4518

CVE-2025-4041 : OS Command Execution Vulnerability in Optigo Networks Device

Trust: 3.25

Fetched: May 27, 2025, 9:11 a.m., Published: May 6, 2025, 4:35 p.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-4041

CISA Adds GeoVision IoT Vulnerabilities CVE-2024-6047 & CVE-2024-11120 to KEV Catalog: What You Need to Know | Windows Forum

Related entries in the VARIoT vulnerabilities database: VAR-202406-0975

Trust: 4.5

Fetched: May 27, 2025, 9:05 a.m., Published: May 27, 2025, midnight
 Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-11120, CVE-2024-6047

Critical Siemens Safety Device Vulnerabilities: Risks and Mitigation Strategies in Industrial Automation | Windows Forum

Trust: 3.5

Fetched: May 27, 2025, 9:04 a.m., Published: May 27, 2025, midnight
 Vulnerabilities: weak password, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-24009, CVE-2025-24007, CVE-2025-24008

UK report uncovers serious security flaws in business IoT devices

Trust: 3.25

Fetched: May 27, 2025, 9:04 a.m., Published: May 13, 2025, 1:08 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Cybersecurity News | Daily Recap [24 May 2025]

Related entries in the VARIoT vulnerabilities database: VAR-202505-1902

Trust: 4.5

Fetched: May 25, 2025, 9:29 a.m., Published: May 25, 2025, 12:36 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: netgear model: netgear router
vendor: netgear model: router
db: NVD ids: CVE-2025-31219, CVE-2025-4978

AirBorne Vulnerabilities: Critical Security Flaws in Appleā€™s AirPlay Put Billions of Devices at Risk - UNDERCODE NEWS

Trust: 4.5

Fetched: May 25, 2025, 9:27 a.m., Published: April 30, 2025, 6:30 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: tvos
vendor: apple model: macos
db: NVD ids: CVE-2025-24137, CVE-2025-24132, CVE-2025-24252, CVE-2025-24206, CVE-2025-24271

Cisco Unified Contact Center Enterprise Cloud Connect Insufficient Access Control Vulnerability - Cisco

Trust: 5.0

Fetched: May 25, 2025, 9:27 a.m., Published: May 21, 2025, 11:40 a.m.
 Vulnerabilities: access control vulnerability
Affected productsExternal IDs
vendor: cisco model: cisco unified contact center enterprise
vendor: cisco model: unified contact center enterprise

CVE-2025-31238 : Memory Corruption Vulnerability in Apple Devices

Trust: 5.75

Fetched: May 25, 2025, 9:26 a.m., Published: May 12, 2025, 9:42 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: tvos
vendor: apple model: watchos
db: NVD ids: CVE-2025-31238

SECURITY BULLETIN: February 2023 Security Bulletin for Trend Micro Apex One

Trust: 4.25

Fetched: May 25, 2025, 9:25 a.m., Published: Feb. 25, 2023, midnight
 Vulnerabilities: privilege escalation, code execution, uncontrolled search path...
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2023-0587, CVE-2023-25143, CVE-2023-25148, CVE-2023-25144, CVE-2023-25146, CVE-2023-25145, CVE-2023-25147

U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog

Related entries in the VARIoT vulnerabilities database: VAR-202312-2070

Trust: 5.5

Fetched: May 25, 2025, 9:25 a.m., Published: May 2, 2025, 7:49 a.m.
 Vulnerabilities: session hijacking, os command injection, command injection
Affected productsExternal IDs
vendor: sonicwall model: sma100
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: ssl-vpn
vendor: sonicwall model: sma 100
vendor: brocade model: brocade fabric os
vendor: brocade model: fabric os
vendor: broadcom model: brocade fabric os
db: NVD ids: CVE-2024-38475, CVE-2023-44221

Understanding and Mitigating CVE-2025-27671: Critical Device Impersonation Vulnerability in Vasion Print

Trust: 4.0

Fetched: May 25, 2025, 9:25 a.m., Published: May 26, 2025, midnight
 Vulnerabilities: device impersonation, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-27671

Network Enumeration: Step-by-Step Breakdown - PenteScope

Trust: 3.5

Fetched: May 25, 2025, 9:23 a.m., Published: May 8, 2025, 5:27 a.m.
 Vulnerabilities: default credentials, password guessing
Affected productsExternal IDs
vendor: wireshark model: wireshark

IoT Device Vulnerabilities Exploited for Mirai Botnet Attacks | B2Bdaily.com

Related entries in the VARIoT vulnerabilities database: VAR-202406-0975

Trust: 4.5

Fetched: May 25, 2025, 9:23 a.m., Published: May 8, 2025, 5:14 a.m.
 Vulnerabilities: path traversal, code execution
Affected productsExternal IDs
vendor: samsung model: samsung
db: NVD ids: CVE-2024-6047, CVE-2024-11120

Medical Device Cybersecurity Risks Explained | Open Medscience

Trust: 3.0

Fetched: May 25, 2025, 9:22 a.m., Published: May 23, 2025, 10:07 p.m.
 Vulnerabilities: default password
Affected productsExternal IDs

SonicBoom, From Stolen Tokens to Remote Shells - SonicWall SMA (CVE-2023-44221, CVE-2024-38475)

Related entries in the VARIoT vulnerabilities database: VAR-202312-2070

Trust: 4.25

Fetched: May 25, 2025, 9:21 a.m., Published: May 1, 2025, 10:31 p.m.
 Vulnerabilities: command execution, command injection
Affected productsExternal IDs
vendor: orange model: web server
vendor: canary model: canary
vendor: sonicwall model: sma100
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: ssl-vpn
vendor: sonicwall model: ssl-vpn web server
vendor: sonicwall model: sonicwall ssl-vpn
db: NVD ids: CVE-2024-38475, CVE-2023-44221

Critical Siemens IPC Vulnerability (CVE-2024-54085): Protecting Industrial Systems from Authentication Bypass | Windows Forum

Trust: 4.75

Fetched: May 25, 2025, 9:14 a.m., Published: May 25, 2025, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: siemens model: simatic
db: NVD ids: CVE-2024-54085