Sign-up

VARIoT news about IoT security

Network Edge Attacks Signal Shift Among Cyber Adversaries

Trust: 4.25

Fetched: Jan. 13, 2026, 9:16 a.m., Published: Dec. 23, 2025, 5:25 p.m.
 Vulnerabilities: authentication bypass, privilege escalation, command injection...
Affected productsExternal IDs
vendor: cisco model: routers
vendor: sonicwall model: sma1000
vendor: palo model: networks
vendor: palo model: firewall
db: NVD ids: CVE-2025-23006, CVE-2025-40602, CVE-2025-37164, CVE-2025-59718, CVE-2025-59719

Apple Warns of Zero-day Vulnerability Exploited in Attack (CVE-2025-43529) - Qualys ThreatPROTECT

Trust: 5.5

Fetched: Dec. 23, 2025, 9:38 a.m., Published: -
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: safari
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: iphone
vendor: google model: chrome
db: NVD ids: CVE-2025-41474, CVE-2025-43529

Fortinet vulnerabilities prompt pre-holiday warnings | Computer Weekly

Trust: 5.5

Fetched: Dec. 23, 2025, 9:37 a.m., Published: Dec. 18, 2025, midnight
 Vulnerabilities: privilege escalation, input validation vulnerability, authentication bypass
Affected productsExternal IDs
vendor: sonicwall model: sma1000
vendor: asus model: asus
vendor: cisco model: asyncos
vendor: cisco model: asyncos software
vendor: cisco model: series
db: NVD ids: CVE-2025-40602, CVE-2025-59719, CVE-2025-20393, CVE-2025-59718, CVE-2025-69374

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

Trust: 4.5

Fetched: Dec. 23, 2025, 9:37 a.m., Published: Dec. 19, 2025, 11:23 a.m.
 Vulnerabilities: process crash
Affected productsExternal IDs
vendor: watchguard model: fireware
vendor: watchguard model: watchguard fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-9242, CVE-2025-59718, CVE-2025-59719, CVE-2025-14733

China-nexus Campaign Exploits CVE-2025-20393 in Cisco Email Security Devices

Trust: 6.0

Fetched: Dec. 23, 2025, 9:36 a.m., Published: Dec. 23, 9686, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco email security appliance
vendor: cisco model: content security management appliance
vendor: cisco model: email security appliance
vendor: cisco model: cisco content security management appliance
vendor: cisco model: nexus
vendor: cisco model: management appliance
db: NVD ids: CVE-2025-20393

Early-Boot Attack: UEFI Flaw in ASRock, ASUS, & MSI Boards Lets Hackers Bypass OS Security via PCIe

Trust: 5.0

Fetched: Dec. 23, 2025, 9:36 a.m., Published: Dec. 19, 2025, 12:22 a.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: asus model: asus
db: NVD ids: CVE-2025-14304, CVE-2025-14302, CVE-2025-14303, CVE-2025-11901

125,000 IPs WatchGuard Firebox Devices Exposed to Internet Vulnerable to

Trust: 5.5

Fetched: Dec. 23, 2025, 9:35 a.m., Published: Dec. 22, 2025, 3:32 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: watchguard model: watchguard fireware
vendor: watchguard model: fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-14733

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719 exploited in the wild - Cyber Security Review

Trust: 4.75

Fetched: Dec. 23, 2025, 9:35 a.m., Published: Dec. 18, 2025, 7:14 a.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: schneider electric model: monitor
vendor: google model: home
vendor: palo model: firewall
vendor: schneider model: monitor
db: NVD ids: CVE-2025-59718, CVE-2025-59719

WatchGuard 0-day Vulnerability Exploited in the Wild to Hijack Firewalls

Trust: 3.75

Fetched: Dec. 23, 2025, 9:34 a.m., Published: Dec. 19, 2025, 2:56 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-14733

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability - Vulert

Trust: 5.25

Fetched: Dec. 23, 2025, 9:34 a.m., Published: Dec. 22, 2025, 8:12 a.m.
 Vulnerabilities: authentication vulnerability, code execution
Affected productsExternal IDs
vendor: watchguard model: watchguard fireware
vendor: watchguard model: fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-9242, CVE-2025-14733

CVE-2025-68335 - comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() - SecAlerts

Trust: 3.75

Fetched: Dec. 23, 2025, 9:33 a.m., Published: -
 Vulnerabilities: kernel crash
Affected productsExternal IDs
db: NVD ids: CVE-2025-68335

Update your iPhone now - Apple patches two iOS zero days used in the wild by hackers | Tom's Guide

Trust: 5.5

Fetched: Dec. 23, 2025, 9:32 a.m., Published: Dec. 15, 2025, 6:07 p.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: software update
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: apple tv
vendor: apple model: watch
vendor: google model: chrome
db: NVD ids: CVE-2025-14174, CVE-2025-43529

How To Use AI To Audit Your Home Wi-Fi Network For Hidden Bandwidth Hogs And IoT Device Vulnerabilities

Trust: 4.5

Fetched: Dec. 23, 2025, 9:32 a.m., Published: Dec. 20, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: note
vendor: samsung model: mobile
vendor: philips hue model: hue bridge
vendor: philips model: hue bridge
vendor: tp-link model: routers
vendor: wireshark model: wireshark
db: NVD ids: CVE-2022-28799

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719 exploited in the wild - Cyber Security Review

Trust: 6.0

Fetched: Dec. 23, 2025, 9:31 a.m., Published: Dec. 18, 2025, 7:14 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: email security
db: NVD ids: CVE-2025-37164, CVE-2018-0802, CVE-2025-59718, CVE-2025-59719

CVE-2025-68335 - comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()

Trust: 5.0

Fetched: Dec. 23, 2025, 9:31 a.m., Published: Dec. 22, 2025, 5:16 p.m.
 Vulnerabilities: kernel crash
Affected productsExternal IDs
db: NVD ids: CVE-2025-68335

CVE-2025-65856 - Xiongmai XM530 IP Camera Authentication Bypass

Trust: 7.0

Fetched: Dec. 23, 2025, 9:31 a.m., Published: Dec. 22, 2025, 10:16 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: xiongmai model: ip cameras
db: NVD ids: CVE-2025-65856

🚨 Cisco Secure Email Devices Exposed to Actively Exploited Zero-Day Vulnerability (CVE-2025-20393)

Trust: 3.0

Fetched: Dec. 23, 2025, 9:30 a.m., Published: Dec. 3, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-20393

New Bluetooth Vulnerability Could Allow Hackers to Control Android, Linux, macOS, and iOS Devices - Breach Spot

Trust: 4.75

Fetched: Dec. 23, 2025, 9:30 a.m., Published: Dec. 22, 2025, 10:45 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: apple model: macos
vendor: google model: android
db: NVD ids: CVE-2024-21306, CVE-2024-0230, CVE-2023-45866

iOS 26.2 Security Alert: Two Zero-Day Exploits Fixed << Apple :: Gadget Hacks

Trust: 4.25

Fetched: Dec. 23, 2025, 9:29 a.m., Published: Dec. 19, 2025, 4:41 a.m.
 Vulnerabilities: integer overflow, memory corruption
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
db: NVD ids: CVE-2025-14174, CVE-2025-43529

Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities

Trust: 5.75

Fetched: Dec. 23, 2025, 9:28 a.m., Published: Dec. 4, 2025, 2:23 p.m.
 Vulnerabilities: cross-site scripting, information disclosure
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
db: NVD ids: CVE-2025-20303, CVE-2025-20304, CVE-2025-20289, CVE-2025-20305