Sign-up

VARIoT news about IoT security

Google Just Patched 43 Security Vulnerabilities in Android | Lifehacker

Trust: 5.5

Fetched: March 7, 2025, 9:13 a.m., Published: March 6, 2025, 9:30 p.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: oneplus model: oneplus
vendor: google model: android
vendor: google model: pixel
vendor: motorola model: android
vendor: motorola model: motorola
db: NVD ids: CVE-2024-43093, CVE-2024-50302

CVE-2024-38063 (CVSS 9.8): Windows RCE Vulnerability Found in Pepperl+Fuchs HMI Devices

Trust: 3.25

Fetched: March 7, 2025, 9:13 a.m., Published: Feb. 28, 2025, 2:07 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-38063

System BIOS komputera Dell Precision 5690 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: March 5, 2025, 9:29 a.m., Published: March 5, 5690, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

The Growing Threat of IoT Vulnerabilities and How to Secure Your Devices - Programming Insider

Trust: 5.0

Fetched: March 5, 2025, 9:29 a.m., Published: Feb. 24, 2025, 12:53 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

BigAnt Server 0-day Vulnerability Let Attackers Execute Malicious Code Via File Uploads

Trust: 4.25

Fetched: March 5, 2025, 9:24 a.m., Published: March 4, 2025, 8:17 a.m.
 Vulnerabilities: session fixation
Affected productsExternal IDs
db: NVD ids: CVE-2025-0364, CVE-2024-54761

Risks Of Using Linux-Based Software In 2025

Trust: 3.75

Fetched: March 5, 2025, 9:24 a.m., Published: Feb. 8, 2025, 5:50 p.m.
 Vulnerabilities: kernel panic
Affected productsExternal IDs
vendor: google model: android

Cyware Daily Threat Intelligence, March 04, 2025 - Mar 4, 2025 | Cyware

Related entries in the VARIoT vulnerabilities database: VAR-202304-1067, VAR-202301-0962

Trust: 4.5

Fetched: March 5, 2025, 9:23 a.m., Published: Dec. 5, 2025, midnight
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: google model: android
vendor: cisco model: routers
db: NVD ids: CVE-2024-43093, CVE-2023-20118, CVE-2024-50302, CVE-2023-20025, CVE-2018-8639

IBM Storage Virtualize Vulnerabilities Let Attackers Execute Arbitrary Code

Trust: 3.75

Fetched: March 5, 2025, 9:22 a.m., Published: March 4, 2025, 8:06 a.m.
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-0159, CVE-2025-0160

Cisco Patches Critical ISE Vulnerabilities - FusionMindLabs Magazine

Trust: 4.75

Fetched: March 5, 2025, 9:22 a.m., Published: Feb. 6, 2025, 9:22 a.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: cisco model: identity services engine
db: NVD ids: CVE-2025-20125, CVE-2025-20124

Cisco Fixes Switch Health Monitoring Diagnostics Issue - ISSSource

Trust: 5.0

Fetched: March 5, 2025, 9:20 a.m., Published: Feb. 28, 2025, 7:37 p.m.
 Vulnerabilities: kernel panic
Affected productsExternal IDs
vendor: cisco model: nx-os
vendor: cisco model: cisco nx-os
vendor: cisco model: nx-os software
vendor: cisco model: series switches
vendor: cisco model: nexus
vendor: cisco model: series
db: NVD ids: CVE-2025-20111

Is Text Messaging Secure? A Deep Dive Into Text Message Security

Trust: 3.5

Fetched: March 5, 2025, 9:19 a.m., Published: Feb. 26, 2025, 4:39 p.m.
 Vulnerabilities: encryption vulnerability
Affected productsExternal IDs
vendor: essential model: phone
vendor: google model: android
vendor: apple model: iphone

Massive DDoS Botnet Eleven11bot Infects 30,000+ IoT Devices

Trust: 3.0

Fetched: March 5, 2025, 9:18 a.m., Published: March 3, 2025, 3:44 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: nokia model: impact

Cisco Patches Security Vulnerabilities in Nexus Switches to Prevent DoS and Command Injection Attacks - Thailand Computer Emergency Response Team (ThaiCERT)

Trust: 6.0

Fetched: March 5, 2025, 9:17 a.m., Published: March 4, 2025, 6:59 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: nx-os
vendor: cisco model: nexus 9000
vendor: cisco model: series switches
vendor: cisco model: nexus 3000
vendor: cisco model: nexus
vendor: cisco model: series
vendor: cisco model: nexus 9000 series
db: NVD ids: CVE-2025-20111, CVE-2025-20161

Understanding CVE-2025-20653: Mitigating MediaTek Int Overflow Vulnerability

Trust: 4.5

Fetched: March 5, 2025, 9:16 a.m., Published: March 5, 2025, midnight
 Vulnerabilities: integer overflow, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-20653

Routers Under Attack - Attacks Scanning for IoT & Routers at Record High

Related entries in the VARIoT vulnerabilities database: VAR-202303-1268

Trust: 5.75

Fetched: March 5, 2025, 9:16 a.m., Published: March 4, 2025, 5:54 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: tp-link model: routers
db: NVD ids: CVE-2023-1389, CVE-2024-3721

Addressing CVE-2025-0816: Denial-of-Service Vulnerability in Schneider Electric Devices

Trust: 3.75

Fetched: March 5, 2025, 9:15 a.m., Published: March 20, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: schneider model: monitor
vendor: schneider electric model: monitor
vendor: schneider-electric model: monitor
db: NVD ids: CVE-2025-0816

Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability

Trust: 5.0

Fetched: March 5, 2025, 9:14 a.m., Published: Feb. 19, 2025, 3:54 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: series

The “Perfect Storm” for Zyxel: EOL Routers and Ransomware Attacks - Greenbone

Trust: 5.25

Fetched: March 5, 2025, 9:13 a.m., Published: March 4, 2025, 12:20 p.m.
 Vulnerabilities: code execution, default credentials, command injection...
Affected productsExternal IDs
vendor: zyxel model: vmg1312-b10a
vendor: zyxel model: vmg4380-b10a
vendor: zyxel model: vmg8324-b10a
vendor: zyxel model: vmg8924-b10a
db: NVD ids: CVE-2025-0890, CVE-2024-11667, CVE-2024-40890, CVE-2024-40891

CVE-2025-1829 : Command Injection Vulnerability in TOTOLINK X18 Wireless Device | SecurityVulnerability.io

Trust: 4.5

Fetched: March 5, 2025, 9:13 a.m., Published: March 2, 2025, 7 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-1829

Android Security Bulletin-March 20255 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202503-1450

Trust: 4.25

Fetched: March 5, 2025, 9:12 a.m., Published: March 5, 2025, midnight
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: notes
vendor: samsung model: note
vendor: samsung model: samsung
vendor: google model: android
vendor: google model: pixel
vendor: motorola model: android
vendor: motorola model: motorola
vendor: huawei model: huawei
db: NVD ids: CVE-2024-43093, CVE-2025-0081, CVE-2025-22411, CVE-2023-21125, CVE-2024-0032, CVE-2025-20645, CVE-2025-0087, CVE-2025-0074, CVE-2025-0075, CVE-2025-0079, CVE-2025-22408, CVE-2024-53025, CVE-2024-53011, CVE-2025-0080, CVE-2024-43051, CVE-2025-26417, CVE-2025-0092, CVE-2025-0078, CVE-2025-0082, CVE-2025-0086, CVE-2025-0084, CVE-2024-49740, CVE-2025-22405, CVE-2024-49728, CVE-2024-43090, CVE-2025-22412, CVE-2025-0093, CVE-2025-22410, CVE-2025-0083, CVE-2025-22406, CVE-2025-22407, CVE-2025-22409, CVE-2024-50302, CVE-2025-22404, CVE-2025-20644, CVE-2025-22403