VARIoT news about IoT security

Trust: 3.75

Fetched: Feb. 12, 2025, 9:13 a.m., Published: Feb. 12, 2025, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: iphone
db: NVD ids: CVE-2025-24200

Trust: 3.0

Fetched: Feb. 12, 2025, 9:12 a.m., Published: Feb. 26, 2025, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: software update

Trust: 4.0

Fetched: Feb. 12, 2025, 9:12 a.m., Published: Feb. 11, 2025, 3:17 p.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: watchos
db: NVD ids: CVE-2025-24200

Trust: 4.0

Fetched: Feb. 11, 2025, 9:44 a.m., Published: Jan. 14, 2025, 2:21 p.m.
Vulnerabilities: service disruption, authentication vulnerability, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-0066, CVE-2025-0070

Trust: 6.0

Fetched: Feb. 11, 2025, 9:44 a.m., Published: Jan. 15, 2025, 4:10 a.m.
Vulnerabilities: information disclosure, search path issue, privilege escalation...
Affected productsExternal IDs
vendor: zoom model: client
db: NVD ids: CVE-2025-0143, CVE-2025-0142, CVE-2025-0147, CVE-2025-0146, CVE-2025-0145, CVE-2025-0144

Trust: 3.0

Fetched: Feb. 11, 2025, 9:43 a.m., Published: Jan. 31, 2025, 5:31 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: jquery model: jquery

Trust: 3.5

Fetched: Feb. 11, 2025, 9:43 a.m., Published: May 25, 2022, 1:01 p.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

Trust: 4.0

Fetched: Feb. 11, 2025, 9:35 a.m., Published: Jan. 11, 7258, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-24816, CVE-2024-43411, CVE-2023-28439, CVE-2022-24728, CVE-2024-24815

Trust: 6.0

Fetched: Feb. 11, 2025, 9:35 a.m., Published: -
Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: node.js model: node.js
db: NVD ids: CVE-2024-55591

Trust: 4.5

Fetched: Feb. 11, 2025, 9:34 a.m., Published: Feb. 5, 2025, 11:01 a.m.
Vulnerabilities: cross-site scripting, code execution, authentication bypass
Affected productsExternal IDs
vendor: netgear model: netgear router firmware
vendor: netgear model: xr500
vendor: netgear model: router
vendor: netgear model: netgear router

Trust: 3.75

Fetched: Feb. 11, 2025, 9:33 a.m., Published: Feb. 10, 2025, 9:24 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
Related entries in the VARIoT vulnerabilities database: VAR-202010-0408, VAR-201811-0292

Trust: 5.0

Fetched: Feb. 11, 2025, 9:33 a.m., Published: Jan. 14, 2025, 7:41 p.m.
Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2018-10851, CVE-2018-14626, CVE-2018-1046, CVE-2020-17482, CVE-2022-27227, CVE-2018-14644

Trust: 4.5

Fetched: Feb. 11, 2025, 9:32 a.m., Published: Jan. 14, 2025, 6:58 p.m.
Vulnerabilities: feature bypass, security feature bypass, denial of service...
Affected productsExternal IDs
vendor: asus model: asus
db: NVD ids: CVE-2025-21275, CVE-2025-21395, CVE-2025-21334, CVE-2025-21308, CVE-2025-21335, CVE-2025-21333, CVE-2025-21186, CVE-2025-21366
Related entries in the VARIoT vulnerabilities database: VAR-202206-0004

Trust: 4.75

Fetched: Feb. 11, 2025, 9:31 a.m., Published: Sept. 13, 2022, 1:19 p.m.
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2022-26134

Trust: 4.25

Fetched: Feb. 11, 2025, 9:29 a.m., Published: Feb. 2, 2025, 3:31 p.m.
Vulnerabilities: session hijacking, path traversal, memory corruption...
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: apple model: iphone
vendor: apple model: macos
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2025-0065, CVE-2025-0314, CVE-2025-22217, CVE-2024-52012, CVE-2024-50050, CVE-2025-24085

Trust: 4.0

Fetched: Feb. 11, 2025, 9:28 a.m., Published: Jan. 29, 2025, 5:11 a.m.
Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-57728, CVE-2024-40890, CVE-2024-57726, CVE-2024-40891, CVE-2024-57727

Trust: 4.5

Fetched: Feb. 11, 2025, 9:27 a.m., Published: Feb. 4, 2025, 10 p.m.
Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: google model: home
vendor: google model: wi-fi router
vendor: sonos model: sonos

Trust: 5.5

Fetched: Feb. 11, 2025, 9:27 a.m., Published: June 11, 2024, 5 p.m.
Vulnerabilities: code execution, use after free, memory corruption...
Affected productsExternal IDs
vendor: apple model: tvos
vendor: apple model: macos
vendor: apple model: watchos
db: NVD ids: CVE-2025-24085

Trust: 4.0

Fetched: Feb. 11, 2025, 9:26 a.m., Published: Feb. 11, 2025, 1:14 a.m.
Vulnerabilities: authorization flaw
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: software update
Related entries in the VARIoT vulnerabilities database: VAR-202205-1290

Trust: 3.5

Fetched: Feb. 11, 2025, 9:20 a.m., Published: Feb. 10, 2025, 9:26 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: apple model: itunes
db: NVD ids: CVE-2022-26766, CVE-2023-41991