Sign-up

VARIoT news about IoT security

System BIOS komputera Dell Precision 5540 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Feb. 25, 2025, 9:26 a.m., Published: Feb. 25, 5540, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

System BIOS komputera Dell Precision 5690 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 25, 2025, 9:26 a.m., Published: Feb. 25, 5690, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Why rebooting your phone daily is your best defense against zero-click attacks | ZDNET

Trust: 3.75

Fetched: Feb. 25, 2025, 9:25 a.m., Published: Feb. 16, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: android

Update Canonical Ubuntu Server: USN-7278-1: OpenSSL vulnerabilities

Trust: 6.25

Fetched: Feb. 25, 2025, 9:24 a.m., Published: Jan. 25, 7278, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-9143, CVE-2024-13176

Security researcher finds vulnerability in internet-connected bed, could allow access to all devices on network | Tom's Hardware

Trust: 3.75

Fetched: Feb. 25, 2025, 9:24 a.m., Published: Feb. 23, 2025, 3:27 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

How to Keep Your Smart Home Devices Secure

Trust: 4.25

Fetched: Feb. 25, 2025, 9:21 a.m., Published: Feb. 21, 2025, 3:06 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: google model: home
vendor: mesh model: mesh

Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks

Trust: 3.0

Fetched: Feb. 25, 2025, 9:21 a.m., Published: Feb. 24, 2025, 7:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-50609, CVE-2024-50608

Update Canonical Ubuntu Desktop: USN-7280-1: Python vulnerability

Trust: 4.0

Fetched: Feb. 25, 2025, 9:21 a.m., Published: Jan. 25, 7280, midnight
 Vulnerabilities: request forgery
Affected productsExternal IDs
vendor: canonical model: ubuntu

Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability

Trust: 3.25

Fetched: Feb. 25, 2025, 9:20 a.m., Published: Jan. 29, 2025, 5:11 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-40891

Update Canonical Ubuntu Desktop: USN-7275-2: Libtasn1 vulnerability

Trust: 4.25

Fetched: Feb. 25, 2025, 9:18 a.m., Published: Feb. 25, 7275, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries

Trust: 4.75

Fetched: Feb. 25, 2025, 9:16 a.m., Published: Feb. 24, 2025, 7:43 a.m.
 Vulnerabilities: sql injection, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-26794

Security considerations for edge devices (ITSM.80.101) - Canadian Cyber Watch

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 5.25

Fetched: Feb. 25, 2025, 9:15 a.m., Published: Feb. 25, 2025, midnight
 Vulnerabilities: denial of service, privilege escalation
Affected productsExternal IDs
vendor: fortigate model: fortios
vendor: cisco model: cisco ios
vendor: cisco model: router
vendor: cisco model: series
vendor: cisco model: routers
vendor: cisco model: soho
db: NVD ids: CVE-2023-20198, CVE-2024-21762, CVE-2022-42475, CVE-2023-20273

Parallels Desktop 0-Day Vulnerability Gain Root Privileges - PoC Released

Trust: 5.5

Fetched: Feb. 25, 2025, 9:14 a.m., Published: Feb. 24, 2025, 8 a.m.
 Vulnerabilities: path traversal, privilege escalation
Affected productsExternal IDs
vendor: apple model: installer
vendor: apple model: macos
vendor: parallels model: tools
vendor: parallels model: parallels tools
vendor: parallels model: parallels desktop
vendor: parallels model: desktop
db: NVD ids: CVE-2024-34331

Vulnerability in Internet-Connected Smart Beds Let Attackers Access Other Devices in Network

Trust: 4.0

Fetched: Feb. 25, 2025, 9:13 a.m., Published: Feb. 24, 2025, 2:23 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs

Critical Exim Mail Transfer Agent SQL Injection Vulnerability (CVE-2025-26794)

Trust: 6.0

Fetched: Feb. 25, 2025, 9:13 a.m., Published: -
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2025-26794

UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks

Trust: 5.5

Fetched: Feb. 25, 2025, 9:12 a.m., Published: Feb. 24, 2025, 6:18 a.m.
 Vulnerabilities: improper validation, validation bypass, certificate validation flaw...
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
vendor: ubiquiti model: unifi
vendor: ubiquiti networks model: unifi
db: NVD ids: CVE-2025-23119, CVE-2025-23117, CVE-2025-23118, CVE-2025-23115, CVE-2025-23116

100+ Malicious IPs Actively Exploiting Vulnerabilities in Cisco Devices

Related entries in the VARIoT vulnerabilities database: VAR-201803-1387

Trust: 5.5

Fetched: Feb. 25, 2025, 9:11 a.m., Published: Feb. 25, 2025, 4:31 a.m.
 Vulnerabilities: command injection, privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198, CVE-2023-20273, CVE-2018-0171

iPhone Security Flaw Exposes Billions to Potential Hacking

Trust: 3.0

Fetched: Feb. 25, 2025, 9:11 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Known Exploited Vulnerabilities: 2025 List

Related entries in the VARIoT vulnerabilities database: VAR-201405-0243, VAR-202302-1097, VAR-202212-1132, VAR-202501-3666

Trust: 4.25

Fetched: Feb. 23, 2025, 9:32 a.m., Published: Feb. 23, 2025, midnight
 Vulnerabilities: buffer overflow, denial of service, code execution...
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
vendor: apple model: safari
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: tvos
db: NVD ids: CVE-2023-24880, CVE-2023-0266, CVE-2023-23376, CVE-2023-21674, CVE-2023-32373, CVE-2023-21823, CVE-2023-21768, CVE-2023-2136, CVE-2024-1086, CVE-2023-28205, CVE-2023-41080, CVE-2023-21715, CVE-2024-23222, CVE-2024-7965, CVE-2025-21333, CVE-2023-32409, CVE-2014-0196, CVE-2023-28252, CVE-2023-28206, CVE-2023-23529, CVE-2024-26169, CVE-2023-28204, CVE-2023-21716, CVE-2022-42475, CVE-2023-23397, CVE-2025-24085

Exploring IoT and Embedded Device Vulnerabilities: A Practical Guide - Undercode Testing

Trust: 3.75

Fetched: Feb. 23, 2025, 9:30 a.m., Published: Feb. 5, 2025, 3:33 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: wireshark model: wireshark