Sign-up

VARIoT news about IoT security

Surge in threat actors scanning Juniper, Cisco, and Palo Alto Networks devices | CSO Online

Trust: 4.75

Fetched: April 9, 2025, 9:24 a.m., Published: April 3, 2025, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks
vendor: cisco systems model: router
vendor: cisco model: router

MediaTek Security Update - Patch for Vulnerabilities Affecting Smartphone, Tablet, & other Devices

Trust: 4.75

Fetched: April 9, 2025, 9:24 a.m., Published: April 7, 2025, 12:48 p.m.
 Vulnerabilities: privilege escalation, code execution, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2025-20658, CVE-2025-20654, CVE-2025-20656, CVE-2025-20664, CVE-2025-20657, CVE-2025-20655, CVE-2025-20659

Versa Security and Trust Center | Versa Networks

Related entries in the VARIoT vulnerabilities database: VAR-202501-3666

Trust: 4.25

Fetched: April 9, 2025, 9:23 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-24085, CVE-2025-30065, CVE-2025-0282, CVE-2025-22457, CVE-2025-2825, CVE-2025-24200, CVE-2025-24201

CVE-2024-23943 : Unauthenticated Remote Access Vulnerability in Cloud API of Affected Devices | SecurityVulnerability.io

Trust: 3.25

Fetched: April 9, 2025, 9:20 a.m., Published: March 18, 2025, 11:03 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-23943

Android owners told to update NOW as Google reveals 60 bugs - and one lets hackers unlock your phone without a passcode | The Irish Sun

Trust: 4.5

Fetched: April 9, 2025, 9:19 a.m., Published: April 8, 2025, 12:03 p.m.
 Vulnerabilities: privilege escalation, memory corruption
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: google model: chrome
vendor: essential model: phone
vendor: samsung model: mobile
vendor: samsung model: android phone
vendor: samsung model: samsung
vendor: huawei model: huawei
db: NVD ids: CVE-2024-53197, CVE-2024-53150

Google's Latest Patch Fixes 62 Security Vulnerabilities in Android | Lifehacker

Trust: 5.75

Fetched: April 9, 2025, 9:18 a.m., Published: April 8, 2025, 8 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: motorola model: motorola
vendor: motorola model: android
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: samsung
vendor: alsa model: alsa
db: NVD ids: CVE-2024-53197, CVE-2024-53150

Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2025-2783) - Qualys ThreatPROTECT

Trust: 3.75

Fetched: April 9, 2025, 9:18 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2025-2783

CVE-2025-27484: Critical UPnP Vulnerability Threatens Windows Security | Windows Forum

Trust: 5.5

Fetched: April 9, 2025, 9:17 a.m., Published: May 9, 2025, midnight
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-27484

Google Releases April 2025 Android Security Patch Addressing Actively Exploited Vulnerabilities

Trust: 4.5

Fetched: April 9, 2025, 9:15 a.m., Published: April 8, 2025, 10:32 a.m.
 Vulnerabilities: privilege escalation, information disclosure, denial of service
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2025-22439, CVE-2025-22426, CVE-2024-49730, CVE-2025-22422, CVE-2024-53197, CVE-2025-22421, CVE-2025-22417, CVE-2025-22434, CVE-2025-22442, CVE-2024-49720, CVE-2025-22419, CVE-2025-22435, CVE-2025-22424, CVE-2025-22416, CVE-2025-22418, CVE-2025-22438, CVE-2025-22432, CVE-2024-40653, CVE-2024-49728, CVE-2024-53150, CVE-2025-22429, CVE-2025-22423, CVE-2025-22431, CVE-2024-49722, CVE-2025-22437, CVE-2025-22428, CVE-2025-26416, CVE-2025-22433, CVE-2025-22427, CVE-2025-22430

Windows 11 KB5055523 KB5055528 April 2025 Patch And 1 Zero Day Vulnerability And 134 Flaws HTMD Blog

Trust: 3.5

Fetched: April 9, 2025, 9:14 a.m., Published: April 8, 2025, 6:12 p.m.
 Vulnerabilities: information disclosure, feature bypass, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-29824

SSA-634640

Trust: 3.0

Fetched: April 9, 2025, 9:13 a.m., Published: April 1, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-54092

SSA-819629

Trust: 3.0

Fetched: April 9, 2025, 9:13 a.m., Published: April 1, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-54092

How to Identify Unknown Devices Connected to Your Network | GeeksforGeeks

Trust: 3.5

Fetched: April 8, 2025, 9:42 a.m., Published: Nov. 11, 2022, 7:02 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos

Aplikacja uniwersalna systemu Windows Dell Update | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: April 8, 2025, 9:40 a.m., Published: May 5, 2000, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: latitude

Apple Backports Fixes for Three Actively Exploited Zero-Days Targeting Older Devices

Related entries in the VARIoT vulnerabilities database: VAR-202501-3666

Trust: 4.75

Fetched: April 8, 2025, 9:40 a.m., Published: April 1, 2025, 1:58 a.m.
 Vulnerabilities: authorization issue, authorization flaw, privilege escalation
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: macos
db: NVD ids: CVE-2025-24200, CVE-2025-24085, CVE-2025-24201

Is The Sofistication In The Room With Us? - X-Forwarded-For and Ivanti Connect Secure (CVE-2025-22457)

Trust: 4.5

Fetched: April 8, 2025, 9:38 a.m., Published: April 4, 2025, 1:45 p.m.
 Vulnerabilities: buffer overflow, code execution, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2025-22457

CVE-2025-2189 - Information Disclosure Vulnerability in Tinxy Smart Devices - SecAlerts

Trust: 4.25

Fetched: April 8, 2025, 9:37 a.m., Published: April 5, 2025, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-2189

Apple just finally patched a whole host of OS security issues on older devices, so update now | TechRadar

Related entries in the VARIoT vulnerabilities database: VAR-202501-3666

Trust: 5.0

Fetched: April 8, 2025, 9:36 a.m., Published: April 2, 2025, 11:27 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: webkit
db: NVD ids: CVE-2025-24200, CVE-2025-24085, CVE-2025-24201, CVE-2024-24201

MediaTek Releases Security Patch to Fix Vulnerabilities in Mobile and IoT Devices

Trust: 5.75

Fetched: April 8, 2025, 9:36 a.m., Published: April 7, 2025, 11:14 a.m.
 Vulnerabilities: code execution, privilege escalation, information disclosure...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2025-20655, CVE-2025-20654, CVE-2025-20657, CVE-2025-20656, CVE-2025-20658

CVE-2025-2620: Critical Vulnerability Found in D-Link DAP-162 1.03 - Exploit Details and How to Safeguard Your Device

Related entries in the VARIoT vulnerabilities database: VAR-202503-2642

Trust: 5.0

Fetched: April 8, 2025, 9:36 a.m., Published: March 22, 2025, 3:15 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-2620