Sign-up

VARIoT news about IoT security

Update Canonical Ubuntu Server: USN-7279-1: WebKitGTK vulnerabilities

Trust: 4.0

Fetched: Feb. 25, 2025, 9:29 a.m., Published: Jan. 25, 7279, midnight
 Vulnerabilities: cross-site scripting, denial of service, code execution
Affected productsExternal IDs
vendor: canonical model: ubuntu

System BIOS komputerów Dell OptiPlex 7070 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 25, 2025, 9:29 a.m., Published: Feb. 25, 7070, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: optiplex

System BIOS komputerów Dell Latitude 5300 i 5300 2 w 1 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 25, 2025, 9:29 a.m., Published: Feb. 25, 5300, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: latitude
vendor: dell model: bios

TODAY'S TOP 5

Trust: 3.5

Fetched: Feb. 25, 2025, 9:27 a.m., Published: Feb. 5, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: palo model: networks
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: sonicwall model: remote access
vendor: sonicwall model: sonicos
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
db: NVD ids: CVE-2024-9474, CVE-2025-0366, CVE-2025-0108

System BIOS komputera Dell Precision 5530 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 25, 2025, 9:27 a.m., Published: Feb. 25, 5530, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: precision 5530

System BIOS komputera Dell Precision 5540 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Feb. 25, 2025, 9:26 a.m., Published: Feb. 25, 5540, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

System BIOS komputera Dell Precision 5690 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 25, 2025, 9:26 a.m., Published: Feb. 25, 5690, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Why rebooting your phone daily is your best defense against zero-click attacks | ZDNET

Trust: 3.75

Fetched: Feb. 25, 2025, 9:25 a.m., Published: Feb. 16, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: android

Update Canonical Ubuntu Server: USN-7278-1: OpenSSL vulnerabilities

Trust: 6.25

Fetched: Feb. 25, 2025, 9:24 a.m., Published: Jan. 25, 7278, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-9143, CVE-2024-13176

Security researcher finds vulnerability in internet-connected bed, could allow access to all devices on network | Tom's Hardware

Trust: 3.75

Fetched: Feb. 25, 2025, 9:24 a.m., Published: Feb. 23, 2025, 3:27 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

How to Keep Your Smart Home Devices Secure

Trust: 4.25

Fetched: Feb. 25, 2025, 9:21 a.m., Published: Feb. 21, 2025, 3:06 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: google model: home
vendor: mesh model: mesh

Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks

Trust: 3.0

Fetched: Feb. 25, 2025, 9:21 a.m., Published: Feb. 24, 2025, 7:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-50609, CVE-2024-50608

Update Canonical Ubuntu Desktop: USN-7280-1: Python vulnerability

Trust: 4.0

Fetched: Feb. 25, 2025, 9:21 a.m., Published: Jan. 25, 7280, midnight
 Vulnerabilities: request forgery
Affected productsExternal IDs
vendor: canonical model: ubuntu

Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability

Trust: 3.25

Fetched: Feb. 25, 2025, 9:20 a.m., Published: Jan. 29, 2025, 5:11 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-40891

Update Canonical Ubuntu Desktop: USN-7275-2: Libtasn1 vulnerability

Trust: 4.25

Fetched: Feb. 25, 2025, 9:18 a.m., Published: Feb. 25, 7275, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries

Trust: 4.75

Fetched: Feb. 25, 2025, 9:16 a.m., Published: Feb. 24, 2025, 7:43 a.m.
 Vulnerabilities: sql injection, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-26794

Security considerations for edge devices (ITSM.80.101) - Canadian Cyber Watch

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 5.25

Fetched: Feb. 25, 2025, 9:15 a.m., Published: Feb. 25, 2025, midnight
 Vulnerabilities: denial of service, privilege escalation
Affected productsExternal IDs
vendor: fortigate model: fortios
vendor: cisco model: cisco ios
vendor: cisco model: router
vendor: cisco model: series
vendor: cisco model: routers
vendor: cisco model: soho
db: NVD ids: CVE-2023-20198, CVE-2024-21762, CVE-2022-42475, CVE-2023-20273

Parallels Desktop 0-Day Vulnerability Gain Root Privileges - PoC Released

Trust: 5.5

Fetched: Feb. 25, 2025, 9:14 a.m., Published: Feb. 24, 2025, 8 a.m.
 Vulnerabilities: path traversal, privilege escalation
Affected productsExternal IDs
vendor: apple model: installer
vendor: apple model: macos
vendor: parallels model: tools
vendor: parallels model: parallels tools
vendor: parallels model: parallels desktop
vendor: parallels model: desktop
db: NVD ids: CVE-2024-34331

Vulnerability in Internet-Connected Smart Beds Let Attackers Access Other Devices in Network

Trust: 4.0

Fetched: Feb. 25, 2025, 9:13 a.m., Published: Feb. 24, 2025, 2:23 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs

Critical Exim Mail Transfer Agent SQL Injection Vulnerability (CVE-2025-26794)

Trust: 6.0

Fetched: Feb. 25, 2025, 9:13 a.m., Published: -
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2025-26794