Sign-up

VARIoT news about IoT security

checkm8 Exploit Explained: How Appleā€™s Worst Vulnerability Works at the Lowest Level - iDevice Central

Trust: 4.25

Fetched: June 13, 2025, 9:05 a.m., Published: June 11, 2025, 10:55 p.m.
 Vulnerabilities: code execution, memory corruption, memory leak
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: icloud
vendor: apple model: ipod touch
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: tvos
db: NVD ids: CVE-2019-8900

Hydrophobia and other UEFI Secure Boot Bypass Vulnerabilities - Eclypsium | Supply Chain Security for the Modern Enterprise

Trust: 3.5

Fetched: June 13, 2025, 9:04 a.m., Published: June 12, 2025, 4 p.m.
 Vulnerabilities: code execution, memory corruption, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-427, CVE-2025-3052, CVE-2025-4275, CVE-2025-47827

CVE-2025-4975 Tapo privilege escalation on shared devices us... - vulnerability database | Vulners.com

Trust: 3.25

Fetched: June 11, 2025, 9:32 a.m., Published: May 22, 2025, 9:17 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-4975

Cyware Daily Threat Intelligence, June 10, 2025 - Jun 10, 2025 | Cyware

Related entries in the VARIoT vulnerabilities database: VAR-202504-1178

Trust: 4.75

Fetched: June 11, 2025, 9:32 a.m., Published: June 10, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-32433, CVE-2025-24016, CVE-2024-42009, CVE-2025-3835

Multiple Cisco Products Vulnerabilities - Rewterz

Trust: 3.75

Fetched: June 11, 2025, 9:26 a.m., Published: June 4, 2025, 12:38 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: unified computing system
vendor: cisco model: data center network manager
vendor: cisco model: cisco unified computing system
vendor: cisco model: cisco integrated management controller
vendor: cisco model: nexus
vendor: cisco model: integrated management controller
vendor: cisco model: cisco data center network manager
vendor: cisco model: series
db: NVD ids: CVE-2025-20261, CVE-2025-20163

Cyware Daily Threat Intelligence, June 06, 2025 - Jun 6, 2025 | Cyware

Trust: 3.5

Fetched: June 11, 2025, 9:26 a.m., Published: June 6, 2025, midnight
 Vulnerabilities: code execution, directory traversal
Affected productsExternal IDs
db: NVD ids: CVE-2025-37098, CVE-2025-37097, CVE-2025-37099, CVE-2024-42009, CVE-2025-49113

Critical Security Flaw in Windows Storage Management Provider (CVE-2025-33061) - How to Protect Your System | Windows Forum

Trust: 4.75

Fetched: June 11, 2025, 9:25 a.m., Published: May 11, 2025, midnight
 Vulnerabilities: privilege escalation, information disclosure, improper bounds checking...
Affected productsExternal IDs
db: NVD ids: CVE-2025-33061

New Variant of Mirai Malware Targets TBK DVR Devices via Command Injection Flaw - Thailand Computer Emergency Response Team (ThaiCERT)

Trust: 4.0

Fetched: June 11, 2025, 9:25 a.m., Published: June 10, 2025, 8 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-3721

Mitigating CVE-2025-32722: Security Guide for Windows Storage Port Driver Vulnerability | Windows Forum

Trust: 4.0

Fetched: June 11, 2025, 9:24 a.m., Published: May 11, 2025, midnight
 Vulnerabilities: improper access control, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-32722

SSA-513708

Trust: 5.75

Fetched: June 11, 2025, 9:22 a.m., Published: June 1, 2025, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo model: pan-os
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
db: NVD ids: CVE-2025-0133

IoT Impact on Network Security Risks and Effective Solutions | MoldStud

Trust: 4.75

Fetched: June 11, 2025, 9:20 a.m., Published: June 11, 2025, 1:54 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: cisco model: routers

35,000 Solar Power Systems Exposed To Internet Are Vulnerable To Cyberattacks

Trust: 3.75

Fetched: June 11, 2025, 9:19 a.m., Published: June 5, 2025, 5:54 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2022-40881, CVE-2022-29303, CVE-2023-29919, CVE-2023-23333

Windows 10 KB5060533 June 2025 Patch And 2 Zero Day Vulnerabilities And 66 Flaws HTMD Blog

Trust: 4.75

Fetched: June 11, 2025, 9:06 a.m., Published: June 10, 2025, 6:09 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-33073, CVE-2025-33053

Windows 11 KB5060842 KB5060999 June 2025 Patch And 2 Zero Day Vulnerabilities And 66 Flaws HTMD Blog

Trust: 4.5

Fetched: June 11, 2025, 9:05 a.m., Published: June 10, 2025, 5:57 p.m.
 Vulnerabilities: feature bypass, code execution, denial of service...
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2025-33073, CVE-2025-33053

Evaluating Moving Target Defense Methods Using Time to Compromise and Security Risk Metrics in IoT Networks

Trust: 3.25

Fetched: June 10, 2025, 9:42 a.m., Published: Jan. 10, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android

Top 25 Linux Security Tools to Boost Cyber Defense

Trust: 3.25

Fetched: June 10, 2025, 9:35 a.m., Published: May 23, 2023, 12:30 p.m.
 Vulnerabilities: sql injection, cross-site scripting, file inclusion
Affected productsExternal IDs
vendor: clamav model: clamav
vendor: snort.org model: snort
vendor: snort model: snort
vendor: wireshark model: wireshark

CVE-2025-27524 : Weak Encryption Vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager

Trust: 6.0

Fetched: June 10, 2025, 9:34 a.m., Published: May 15, 2025, 6:27 a.m.
 Vulnerabilities: encryption vulnerability
Affected productsExternal IDs
vendor: hitachi model: jp1/it desktop management
vendor: hitachi model: device manager
db: NVD ids: CVE-2025-27524

CVE-2025-5408: Critical Vulnerability in WAVLINK Devices Leads to Buffer Overflow - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.0

Fetched: June 10, 2025, 9:33 a.m., Published: June 6, 2025, 4:39 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-5408

CISA Releases ICS Advisories Covering Vulnerabilities & Exploits

Trust: 6.5

Fetched: June 10, 2025, 9:23 a.m., Published: June 4, 2025, 8:04 a.m.
 Vulnerabilities: buffer overflow, improper validation, authentication bypass...
Affected productsExternal IDs
vendor: mitsubishi model: fx5uc
vendor: mitsubishi model: fx5u
vendor: mitsubishi model: fx5uj
vendor: mitsubishi model: melsec iq-f series
vendor: mitsubishi model: melsec iq-f
vendor: mitsubishi electric model: fx5uc
vendor: mitsubishi electric model: fx5u
vendor: mitsubishi electric model: fx5uj
vendor: mitsubishi electric model: melsec iq-f series
vendor: mitsubishi electric model: melsec iq-f
db: NVD ids: CVE-2025-3755, CVE-2025-3916, CVE-2023-4041

Critical GPU Flaws Disclosed by Qualcomm and ARM Impact Billions of Mobile Devices - Cyber Kendra

Trust: 4.75

Fetched: June 10, 2025, 9:22 a.m., Published: June 8, 2025, midnight
 Vulnerabilities: command execution, information disclosure, memory corruption...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2025-0073, CVE-2025-1246, CVE-2025-0819, CVE-2025-27038, CVE-2025-21480, CVE-2025-21479