Sign-up

VARIoT news about IoT security

CVE-2025-10127: Daikin Security Gateway Pre-auth Password Reset Flaw | Windows Forum

Trust: 4.5

Fetched: Sept. 12, 2025, 11:04 a.m., Published: Sept. 11, 2025, 4:13 p.m.
 Vulnerabilities: weak password, default credentials, password reset flaw
Affected productsExternal IDs
db: NVD ids: CVE-2025-10127

Frostbyte10 bugs put grocery refrigeration devices at risk • The Register

Trust: 3.75

Fetched: Sept. 12, 2025, 11:04 a.m., Published: -
 Vulnerabilities: privilege escalation, authentication flaw, denial of service...
Affected productsExternal IDs
db: NVD ids: CVE-2025-52548, CVE-2025-52551, CVE-2025-6519, CVE-2025-52546, CVE-2025-52543, CVE-2025-52545, CVE-2025-52549, CVE-2025-52544, CVE-2025-52550, CVE-2025-52547

Siemens Apogee PXC and Talon TC Devices | CISA

Trust: 4.5

Fetched: Sept. 12, 2025, 11:02 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: talon tc
vendor: siemens model: apogee pxc
db: NVD ids: CVE-2025-40757

CVE-2025-20340 | Tenable®

Trust: 6.0

Fetched: Sept. 12, 2025, 11:02 a.m., Published: Sept. 10, 2025, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xr software
vendor: cisco model: cisco ios xr
vendor: cisco model: cisco ios
vendor: cisco model: ios xr
db: NVD ids: CVE-2025-20340

FalconFeeds.io Blog | Latest Cyber Threat Intelligence & Security Insights

Related entries in the VARIoT vulnerabilities database: VAR-202403-2416

Trust: 4.5

Fetched: Sept. 10, 2025, 9:34 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: sonicwall model: soho
vendor: palo model: networks
vendor: barracuda model: barracuda
db: NVD ids: CVE-2023-46805, CVE-2024-21887, CVE-2024-23108, CVE-2025-53770, CVE-2024-23109, CVE-2024-21893, CVE-2023-48788, CVE-2025-53771

Your Cameras Could Be Spying on You: Howard CEA Researchers Publish New Findings on Smart IoT Device Abuse in Financial Cybercrimes | The Dig at Howard University

Trust: 3.0

Fetched: Sept. 10, 2025, 9:33 a.m., Published: Sept. 10, 2715, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Siemens Desigo CC Product Family and SENTRON Powermanager | CISA

Trust: 4.5

Fetched: Sept. 10, 2025, 9:32 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: wibu model: codemeter
vendor: wibu model: codemeter runtime
vendor: siemens model: desigo cc
db: NVD ids: CVE-2025-47809

Critical Apple Zero-Day Vulnerabilities: Your iOS Device Is Also Not Safe

Related entries in the VARIoT vulnerabilities database: VAR-202501-3666

Trust: 5.5

Fetched: Sept. 10, 2025, 9:29 a.m., Published: Sept. 3, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: apple model: apple tv
vendor: apple model: software update
vendor: apple model: watch
db: NVD ids: CVE-2025-43300, CVE-2025-24085, CVE-2025-24200, CVE-2025-31201, CVE-2025-31200, CVE-2025-24201

CVE-2025-43300 | Tenable®

Trust: 3.5

Fetched: Sept. 10, 2025, 9:28 a.m., Published: July 14, 2008, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-43300

Russian cyber group exploits seven-year-old network vulnerabilities for long-term espionage | CyberScoop

Related entries in the VARIoT vulnerabilities database: VAR-201803-1387

Trust: 3.5

Fetched: Sept. 10, 2025, 9:28 a.m., Published: Aug. 20, 2025, 3:33 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios software
vendor: cisco model: cisco ios
db: NVD ids: CVE-2018-0171

CVE-2025-8008 - Rockwell Automation 1756-ENT2R, EN4TR, EN4TRXT Vulnerability - SecAlerts

Related entries in the VARIoT vulnerabilities database: VAR-202509-0459

Trust: 3.0

Fetched: Sept. 10, 2025, 9:28 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-8008

Critical Ivanti Endpoint Manager Vulnerabilities Let Attackers Execute

Trust: 5.75

Fetched: Sept. 10, 2025, 9:27 a.m., Published: Sept. 10, 2025, 10:22 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: snort model: snort
db: NVD ids: CVE-2025-9712, CVE-2025-9872

Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability - Cisco

Trust: 3.0

Fetched: Sept. 10, 2025, 9:26 a.m., Published: Aug. 28, 2025, 7:45 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: asa software

Cisco ASA Devices Under Attack: Urgent Security Alert | Enigma Security posted on the topic | LinkedIn

Trust: 3.25

Fetched: Sept. 10, 2025, 9:25 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-20265

IoT Devices: Common Vulnerabilities and Solutions

Trust: 3.75

Fetched: Sept. 10, 2025, 9:23 a.m., Published: Sept. 8, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone

2025 September KB5065426 KB5065431 Windows 11 Patch | 2 Zero Day Vulnerabilities And 81 Flaws HTMD Blog

Trust: 3.5

Fetched: Sept. 10, 2025, 9:22 a.m., Published: Sept. 9, 2025, 5:59 p.m.
 Vulnerabilities: denial of service, feature bypass, information disclosure...
Affected productsExternal IDs
db: NVD ids: CVE-2025-55234, CVE-2024-21907

CVE-2025-20704: Remote Privilege Escalation Vulnerability in Modem - Cybersecurity Exploit Tracker by Ameeba

Trust: 4.25

Fetched: Sept. 10, 2025, 9:22 a.m., Published: Sept. 6, 2025, 12:58 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-20704

Apple Deploys Updates Fixing Security Flaws on iPhone, iPad & macOS - Modernizing Tech

Trust: 4.0

Fetched: Sept. 10, 2025, 9:21 a.m., Published: Aug. 22, 2025, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: macos
vendor: apple model: ipad

CVE-2025-7350 - Remote Code Execution in Cisco Stratix 5410,…

Trust: 4.25

Fetched: Sept. 10, 2025, 9:21 a.m., Published: Sept. 10, 8000, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-7350

A vulnerability in WhatsApp for iOS and Mac | Threat Intel

Trust: 3.5

Fetched: Sept. 10, 2025, 9:20 a.m., Published: Sept. 9, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macos
db: NVD ids: CVE-2025-55177, CVE-2025-43300