Sign-up

VARIoT news about IoT security

CVE-2025-26411 : Remote Code Execution Vulnerability in Wattsense Bridge Devices | SecurityVulnerability.io

Trust: 3.25

Fetched: Feb. 12, 2025, 9:25 a.m., Published: Feb. 11, 2025, 9:21 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-26411

Massive Brute Force Attack Targets VPN and Firewall Logins Using 2.8 Million IPs

Trust: 5.75

Fetched: Feb. 12, 2025, 9:24 a.m., Published: Feb. 10, 2025, 3:16 a.m.
 Vulnerabilities: brute force attack
Affected productsExternal IDs
vendor: check point model: check point
vendor: mikrotik model: routers
vendor: mikrotik model: mikrotik
vendor: cisco model: cisco routers
vendor: cisco model: routers
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: palo alto networks globalprotect
vendor: palo alto networks model: networks globalprotect
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: palo alto networks globalprotect
vendor: palo model: networks globalprotect
vendor: sonicwall model: remote access
vendor: sonicwall model: netextender
vendor: huawei model: huawei
db: NVD ids: CVE-2024-8190, CVE-2025-23006

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

Trust: 3.0

Fetched: Feb. 12, 2025, 9:24 a.m., Published: Feb. 11, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

iPhone Security Alert: Apple releases emergency iOS update to fix data leak vulnerability - The Economic Times

Trust: 3.75

Fetched: Feb. 12, 2025, 9:23 a.m., Published: Feb. 11, 2025, 5:02 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: ipad air
vendor: apple model: iphone
db: NVD ids: CVE-2025-24200

U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog

Trust: 5.0

Fetched: Feb. 12, 2025, 9:23 a.m., Published: Feb. 12, 2025, 8:01 a.m.
 Vulnerabilities: privilege escalation, command injection, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-21418, CVE-2024-40891, CVE-2025-21391, CVE-2024-40890

CVE-2024-53651 : Data Exposure Vulnerability in SIPROTEC 5 Devices by Siemens | SecurityVulnerability.io

Related entries in the VARIoT vulnerabilities database: VAR-202502-0199

Trust: 4.0

Fetched: Feb. 12, 2025, 9:18 a.m., Published: Feb. 11, 2025, 10:28 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: siprotec
vendor: siemens model: siprotec 5
db: NVD ids: CVE-2024-53651

Windows 11 KB5051987 KB5051989 February 2025 Patch And 4 Zero Day Vulnerabilities And 55 Flaws HTMD Blog

Trust: 4.5

Fetched: Feb. 12, 2025, 9:15 a.m., Published: Feb. 11, 2025, 6:51 p.m.
 Vulnerabilities: security feature bypass, feature bypass
Affected productsExternal IDs
vendor: asus model: asus
db: NVD ids: CVE-2025-21194, CVE-2025-21377, CVE-2025-21391, CVE-2025-21418

Apple devices on verge of exploitation of CVE-2025-24200

Related entries in the VARIoT vulnerabilities database: VAR-202501-3666

Trust: 4.5

Fetched: Feb. 12, 2025, 9:15 a.m., Published: Feb. 11, 2025, 4:08 p.m.
 Vulnerabilities: authorization issue
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: ipad air
vendor: apple model: iphone
db: NVD ids: CVE-2025-24200, CVE-2025-24085

Windows 10 KB5051974 February 2025 Patch And 4 Zero Day Vulnerabilities And 55 Flaws HTMD Blog

Trust: 4.5

Fetched: Feb. 12, 2025, 9:14 a.m., Published: Feb. 11, 2025, 6:57 p.m.
 Vulnerabilities: security feature bypass, feature bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-21418, CVE-2025-21377, CVE-2025-21391, CVE-2025-21194

Cyber Security Agency Warns Of Active Vulnerability In Apple Devices

Trust: 4.75

Fetched: Feb. 12, 2025, 9:13 a.m., Published: Feb. 11, 2025, 12:46 p.m.
 Vulnerabilities: authorization issue
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: iphone
db: NVD ids: CVE-2025-24200

Apple Releases Urgent Patch for USB Vulnerability

Trust: 3.75

Fetched: Feb. 12, 2025, 9:13 a.m., Published: Feb. 12, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: iphone
db: NVD ids: CVE-2025-24200

Apple patches iPhone exploit that allowed for ‘extremely sophisticated' attack

Trust: 3.0

Fetched: Feb. 12, 2025, 9:12 a.m., Published: Feb. 26, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: software update

iOS 18.3.1 update fixes security flaw used in “extremely sophisticated attack” - Ars Technica

Trust: 4.0

Fetched: Feb. 12, 2025, 9:12 a.m., Published: Feb. 11, 2025, 3:17 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: watchos
db: NVD ids: CVE-2025-24200

Critical SAP NetWeaver Vulnerabilities Let Attacker Gain Access to the system

Trust: 4.0

Fetched: Feb. 11, 2025, 9:44 a.m., Published: Jan. 14, 2025, 2:21 p.m.
 Vulnerabilities: service disruption, authentication vulnerability, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-0066, CVE-2025-0070

Zoom Patches Multiple Vulnerabilities That Let Attackers Escalate Privileges

Trust: 6.0

Fetched: Feb. 11, 2025, 9:44 a.m., Published: Jan. 15, 2025, 4:10 a.m.
 Vulnerabilities: information disclosure, search path issue, privilege escalation...
Affected productsExternal IDs
vendor: zoom model: client
db: NVD ids: CVE-2025-0143, CVE-2025-0142, CVE-2025-0147, CVE-2025-0146, CVE-2025-0145, CVE-2025-0144

Recent cases of watering hole attacks: Part 1 | APNIC Blog

Trust: 3.0

Fetched: Feb. 11, 2025, 9:43 a.m., Published: Jan. 31, 2025, 5:31 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: jquery model: jquery

S.M.A.R.T METERS DEATH GRID - by OUTRAGED HUMAN

Trust: 3.5

Fetched: Feb. 11, 2025, 9:43 a.m., Published: May 25, 2022, 1:01 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

Update Canonical Ubuntu Desktop: USN-7258-1: CKEditor vulnerabilities

Trust: 4.0

Fetched: Feb. 11, 2025, 9:35 a.m., Published: Jan. 11, 7258, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-24816, CVE-2024-43411, CVE-2023-28439, CVE-2022-24728, CVE-2024-24815

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability Exploited in Attacks (CVE-2024-55591) - Qualys ThreatPROTECT

Trust: 6.0

Fetched: Feb. 11, 2025, 9:35 a.m., Published: -
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: node.js model: node.js
db: NVD ids: CVE-2024-55591

Netgear Patches Critical Vulnerabilities in Multiple WiFi Router Models

Trust: 4.5

Fetched: Feb. 11, 2025, 9:34 a.m., Published: Feb. 5, 2025, 11:01 a.m.
 Vulnerabilities: cross-site scripting, code execution, authentication bypass
Affected productsExternal IDs
vendor: netgear model: netgear router firmware
vendor: netgear model: xr500
vendor: netgear model: router
vendor: netgear model: netgear router