Sign-up

VARIoT news about IoT security

Qualcomm Issues Emergency Fix for Zero-Day Exploit in Android Devices

Trust: 4.75

Fetched: June 6, 2025, 9:25 a.m., Published: June 4, 2025, 10:27 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: exynos
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2025-27038, CVE-2025-21480, CVE-2025-21479

How to Use Shodan for Pentesting: A Step-By-Step Guide

Trust: 4.25

Fetched: June 6, 2025, 9:24 a.m., Published: Aug. 17, 2023, 12:30 p.m.
 Vulnerabilities: code execution, default credentials
Affected productsExternal IDs
vendor: cisco model: routers
vendor: cisco model: small business
vendor: cisco model: ip phones
vendor: zoom model: client

ASUS Official Statement on Recent Reports Regarding Router Security | News|ASUS USA

Related entries in the VARIoT vulnerabilities database: VAR-202309-0729

Trust: 4.5

Fetched: June 6, 2025, 9:24 a.m., Published: June 4, 2025, midnight
 Vulnerabilities: weak password
Affected productsExternal IDs
vendor: asus model: asus
vendor: asus model: routers
vendor: asus model: router
db: NVD ids: CVE-2023-39780

Critical Vulnerabilities in Hitachi Energy’s Relion & SAM600-IO Devices Threaten Power Grid Security | Windows Forum

Trust: 5.5

Fetched: June 6, 2025, 9:10 a.m., Published: May 6, 2025, midnight
 Vulnerabilities: memory corruption, integer overflow, denial of service...
Affected productsExternal IDs
vendor: rapid model: scada
db: NVD ids: CVE-2020-28895, CVE-2020-35198

UEFI Firmware Crisis: Cryptographic Key Mismanagement Exposes Global Device Vulnerabilities - UNDERCODE NEWS

Trust: 4.5

Fetched: June 6, 2025, 9:10 a.m., Published: May 13, 2025, 10:46 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: lenovo model: system
vendor: lenovo model: updates
db: NVD ids: CVE-2025-3052

Cisco Integrated Management Controller Privilege Escalation Vulnerability

Trust: 4.0

Fetched: June 6, 2025, 9:09 a.m., Published: June 4, 2025, 3:54 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: integrated management controller
vendor: cisco model: cisco integrated management controller
vendor: cisco model: ucs manager
vendor: cisco model: series

Cisco Nexus Dashboard Fabric Controller Vulnerability Allows Attackers Device Impersonate as Managed Devices

Trust: 5.75

Fetched: June 6, 2025, 9:09 a.m., Published: June 5, 2025, 5:20 p.m.
 Vulnerabilities: device impersonation
Affected productsExternal IDs
vendor: cisco model: data center network manager
vendor: cisco model: nexus
vendor: cisco model: cisco data center network manager
db: NVD ids: CVE-2025-20163

Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Vulnerability

Trust: 3.0

Fetched: June 6, 2025, 9:08 a.m., Published: June 4, 2025, 3:54 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: nexus

Access Remote IoT Free On Android: Your SSH Guide

Trust: 3.5

Fetched: June 4, 2025, 9:31 a.m., Published: May 13, 2025, 8:17 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: home
vendor: raspberry pi model: 3
vendor: essential model: phone

End-to-End Encryption: Technological and Human Factor Perspectives | SpringerLink

Trust: 3.0

Fetched: June 4, 2025, 9:30 a.m., Published: June 4, 2025, midnight
 Vulnerabilities: -

Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats - CyberHoot

Trust: 5.5

Fetched: June 4, 2025, 9:29 a.m., Published: May 15, 2025, 3:24 p.m.
 Vulnerabilities: denial of service, control bypass, code execution
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: tvos
db: NVD ids: CVE-2025-24252, CVE-2025-24132, CVE-2025-24206

CVE-2025-49163 : Bootloader Vulnerability in Arris VIP1113 Devices Using KreaTV SDK

Trust: 3.0

Fetched: June 4, 2025, 9:28 a.m., Published: June 3, 2025, 12:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-49163

CVE-2025-31217 : Input Validation Vulnerability in Safari Affecting Apple Devices

Trust: 6.25

Fetched: June 4, 2025, 9:23 a.m., Published: May 12, 2025, 9:42 p.m.
 Vulnerabilities: input validation vulnerability
Affected productsExternal IDs
vendor: apple model: safari
db: NVD ids: CVE-2025-31217

Update Canonical Ubuntu Server: USN-7504-1: LibreOffice vulnerability

Trust: 3.25

Fetched: June 4, 2025, 9:23 a.m., Published: Jan. 4, 7504, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Android Security Patch Level Warning from Qualcomm Chips - Inside Telecom

Trust: 4.75

Fetched: June 4, 2025, 9:22 a.m., Published: June 3, 2025, 6:45 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
vendor: essential model: phone
db: NVD ids: CVE-2025-21480, CVE-2025-27038, CVE-2025-21479

Cisco fixes max severity IOS XE flaw letting attackers hijack devices

Trust: 3.25

Fetched: June 4, 2025, 9:22 a.m., Published: June 10, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe

Android Security Patch Level Warning from Qualcomm Chips - Inside Telecom

Trust: 4.75

Fetched: June 4, 2025, 9:21 a.m., Published: June 3, 2025, 6:45 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
vendor: essential model: phone
db: NVD ids: CVE-2025-21480, CVE-2025-27038, CVE-2025-21479

CVE-2025-24220 - Apple iPadOS and iOS Persistent Device Identifier Read Permissions Vulnerability

Trust: 3.75

Fetched: June 4, 2025, 9:21 a.m., Published: May 12, 2025, 10:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone_os
db: NVD ids: CVE-2025-24220

Critical Cisco IOS XE Vulnerability Exposes Devices to Remote Attacks - This Week Health

Trust: 3.0

Fetched: June 4, 2025, 9:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe

Update Microsoft SharePoint Server 2019: KB5002708: Resolves a Microsoft SharePoint Server remote code execution vulnerability

Trust: 3.25

Fetched: June 4, 2025, 9:19 a.m., Published: June 4, 2019, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-30384, CVE-2025-30382, CVE-2025-30378, CVE-2025-29976