VARIoT latest news about IoT security

Update Canonical Ubuntu Desktop: USN-7632-1: YAML-LibYAML vulnerability Trust: 3.0 Fetched: July 23, 2025, 12:20 p.m., Published: Jan. 23, 7632, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

Update Canonical Ubuntu Server: USN-7632-1: YAML-LibYAML vulnerability Trust: 3.0 Fetched: July 23, 2025, 12:20 p.m., Published: Jan. 23, 7632, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

Update Canonical Ubuntu Server: USN-7624-1: FreeRDP vulnerability Trust: 4.25 Fetched: July 23, 2025, 12:19 p.m., Published: Jan. 23, 7624, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

canonical

model:

ubuntu

Update Canonical Ubuntu Server: USN-7651-2: Linux kernel vulnerabilities Trust: 3.0 Fetched: July 23, 2025, 12:14 p.m., Published: Feb. 23, 7651, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

Update Canonical Ubuntu Desktop: USN-7648-1: PHP vulnerabilities Trust: 6.0 Fetched: July 23, 2025, 12:14 p.m., Published: Jan. 23, 7648, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

canonical

model:

ubuntu

db:

NVD

ids:

CVE-2025-1735, CVE-2025-1220, CVE-2025-6491

CVE-2024-51978 : Device Vulnerability in Brother's Multifunction Printers and Scanners Trust: 3.25 Fetched: July 23, 2025, 12:13 p.m., Published: June 25, 2025, 7:17 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-51978

Top IoT Vulnerabilities: How to Secure Smart Devices in 2025 - AstrillVPN Blog Trust: 3.25 Fetched: July 23, 2025, 12:12 p.m., Published: July 22, 2025, 11:25 a.m.	Vulnerabilities: buffer overflow, default credentials, cross-site scripting...

Affected products	External IDs

Mazāk "konču" un piena. Kā pusaudzim atbrīvoties no pumpām? - Santa Trust: 3.0 Fetched: July 23, 2025, 11:07 a.m., Published: July 23, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

roku

model:

roku

Niezošas pumpas bērnam. No kā tās varētu būt? \| Veselam.lv Trust: 3.0 Fetched: July 23, 2025, 11:07 a.m., Published: July 23, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

roku

model:

roku

Sped - Trans : Przedsiębiorstwo usługowo - spedycyjne. Import, export, tranzyt, spedycja, transport, logistyka. Gdynia. Trust: 3.0 Fetched: July 23, 2025, 9:57 a.m., Published: July 23, 2000, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

roku

model:

roku

Tłumaczenie tekstu pisanego - Komputer - Google Translate - Pomoc Trust: 3.0 Fetched: July 23, 2025, 9:29 a.m., Published: July 23, 5000, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

chrome

Update Canonical Ubuntu Desktop: USN-7628-1: Linux kernel (Azure) vulnerabilities Trust: 3.75 Fetched: July 22, 2025, 9:59 a.m., Published: Jan. 22, 7628, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	canonical	model:	ubuntu
vendor:	alsa	model:	alsa
vendor:	acrn	model:	acrn

db:

NVD

ids:

CVE-2025-2312

CVE-2025-32879: Unauthenticated Access Vulnerability in COROS PACE 3 Devices - Cybersecurity Exploit Tracker by Ameeba Trust: 3.0 Fetched: July 22, 2025, 9:59 a.m., Published: June 26, 2025, 2:02 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-32879

Microsoft Patch Tuesday, July 2025 Edition - Krebs on Security Trust: 4.0 Fetched: July 22, 2025, 9:58 a.m., Published: July 22, 2025, midnight	Vulnerabilities: code execution, information disclosure, authentication vulnerability

Affected products

External IDs

db:

NVD

ids:

CVE-2025-47178, CVE-2025-49695, CVE-2025-49697, CVE-2025-49696, CVE-2025-47981, CVE-2025-49740, CVE-2025-49702, CVE-2025-49719

HIKVISION Vulnerability Exposes Devices to Code Execution Attacks Trust: 4.25 Fetched: July 22, 2025, 9:57 a.m., Published: July 3, 2025, midnight	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	hikvision	model:	ip cameras
vendor:	hikvision	model:	hikvision

SoC Vulnerabilities in Medical Devices: What Manufacturers Need to Know - Blue Goat Cyber Trust: 4.75 Fetched: July 22, 2025, 9:56 a.m., Published: April 7, 2024, 5:22 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	siemens	model:	nucleus
vendor:	siemens	model:	nucleus rtos

Critical Remote Takeover Vulnerability in WAGO Device Sphere - Advisories Trust: 4.25 Fetched: July 22, 2025, 9:56 a.m., Published: July 10, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

wago

model:

wago

db:

NVD

ids:

CVE-2025-6491, CVE-2025-41672, CVE-2025-1735

Malware Identified in Attacks Exploiting Ivanti Connect Secure Vulnerabilities Trust: 4.0 Fetched: July 22, 2025, 9:55 a.m., Published: July 18, 2025, 3:42 p.m.	Vulnerabilities: privilege escalation, password guessing, code insertion

Affected products

External IDs

db:

NVD

ids:

CVE-2025-0282, CVE-2025-22457

CVE-2025-32877: Critical Authentication Bypass Vulnerability in COROS PACE 3 Devices - Cybersecurity Exploit Tracker by Ameeba Trust: 5.0 Fetched: July 22, 2025, 9:55 a.m., Published: June 26, 2025, 6:58 a.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2025-32877

Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy Trust: 4.25 Fetched: July 22, 2025, 9:54 a.m., Published: July 20, 2025, 5:31 p.m.	Vulnerabilities: command execution, arbitrary command execution

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	palo alto networks	model:	firewall
vendor:	snort	model:	snort
vendor:	palo	model:	networks
vendor:	palo	model:	firewall

db:

NVD

ids:

CVE-2025-0282, CVE-2025-22457

VARIoT news about IoT security