Sign-up

VARIoT news about IoT security

CVE-2025-20241 - Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol Denial of Service Vulnerability - SecAlerts

Trust: 5.75

Fetched: Aug. 31, 2025, 11:17 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: nx-os
vendor: cisco model: cisco nexus 9000 series
vendor: cisco model: nexus
vendor: cisco model: nexus 9000 series
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus 9000
vendor: cisco model: nx-os software
vendor: cisco model: series switches
vendor: cisco model: series
vendor: cisco model: nexus 3000
vendor: google model: nexus
db: NVD ids: CVE-2025-20241

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) - updated! - Help Net Security

Trust: 4.25

Fetched: Aug. 31, 2025, 11:17 a.m., Published: Aug. 26, 2025, 1:34 p.m.
 Vulnerabilities: memory corruption, improper access control, denial of service...
Affected productsExternal IDs
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
vendor: citrix model: application delivery controller
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler application delivery controller
db: NVD ids: CVE-2025-7776, CVE-2025-7775, CVE-2025-8424

Microsoft patches some very important vulnerabilities in August's patch Tuesday | Malwarebytes

Trust: 5.0

Fetched: Aug. 31, 2025, 11:17 a.m., Published: Aug. 13, 2025, 3:49 p.m.
 Vulnerabilities: information disclosure, code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-50165, CVE-2025-53766

CVE-2025-20344 - Cisco Nexus Dashboard Path Traversal Vulnerability - SecAlerts

Trust: 4.75

Fetched: Aug. 31, 2025, 11:15 a.m., Published: -
 Vulnerabilities: path traversal
Affected productsExternal IDs
vendor: cisco model: nexus
vendor: google model: nexus
db: NVD ids: CVE-2025-20344

Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager

Trust: 3.0

Fetched: Aug. 31, 2025, 11:15 a.m., Published: Aug. 12, 2025, 5:05 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Trust: 5.5

Fetched: Aug. 31, 2025, 11:14 a.m., Published: Aug. 26, 2025, 5:29 p.m.
 Vulnerabilities: improper access control, code execution
Affected productsExternal IDs
vendor: citrix model: netscaler gateway
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
db: NVD ids: CVE-2025-5777, CVE-2025-6543, CVE-2024-8069, CVE-2025-7776, CVE-2025-8424, CVE-2024-8068, CVE-2025-7775

WhatsApp patches vulnerability exploited in zero-day attacks - PRSOL:CC

Trust: 3.75

Fetched: Aug. 31, 2025, 11:14 a.m., Published: Aug. 31, 2025, 5:22 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-55177, CVE-2025-43300

Citrix Netscaler 0-day RCE Vulnerability Patched - Vulnerable Instances Reduced from 28.2K to 12.4K

Trust: 5.75

Fetched: Aug. 31, 2025, 11:13 a.m., Published: Aug. 29, 2025, 3:47 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: internet security
vendor: citrix model: netscaler
db: NVD ids: CVE-2025-7775

RCE Vulnerability in Hikvision Device | Wattlecorp Cybersecurity Labs

Trust: 4.25

Fetched: Aug. 31, 2025, 11:12 a.m., Published: Aug. 29, 2025, 12:11 p.m.
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
vendor: dropbear model: dropbear ssh
vendor: hikvision model: hikvision
vendor: hikvision model: ds-2cd3xx5
vendor: hikvision model: ip cameras
db: NVD ids: CVE-2021-36260

WhatsApp fixes ‘zero-click’ vulnerability that let hackers install spyware on iPhones and Macs | Mint

Trust: 5.0

Fetched: Aug. 31, 2025, 11:12 a.m., Published: Aug. 31, 2025, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
db: NVD ids: CVE-2025-43300, CVE-2025-55177

CERT-EU - Multiple Vulnerabilities in Fortinet Products

Trust: 4.0

Fetched: Aug. 31, 2025, 11:12 a.m., Published: -
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-26009, CVE-2025-25256, CVE-2025-52970

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices

Trust: 4.75

Fetched: Aug. 31, 2025, 11:11 a.m., Published: Aug. 29, 2025, 7:14 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
vendor: google model: android
db: NVD ids: CVE-2025-55177, CVE-2025-43300

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Trust: 4.75

Fetched: Aug. 31, 2025, 10:59 a.m., Published: Aug. 29, 2025, 5:07 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-55177, CVE-2025-43300

WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices

Trust: 4.75

Fetched: Aug. 31, 2025, 10:58 a.m., Published: Aug. 30, 2025, 4:36 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
db: NVD ids: CVE-2025-55177, CVE-2025-43300

Citrix Bleed 3? Attackers are already exploiting new security vulnerabilities | heise online

Trust: 3.75

Fetched: Aug. 29, 2025, 10:06 a.m., Published: Aug. 27, 2025, 7:27 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler
db: NVD ids: CVE-2025-8424, CVE-2025-7776, CVE-2025-7775, CVE-2025-5777

Update Canonical Ubuntu Desktop: USN-7694-1: libxml2 vulnerabilities

Trust: 6.0

Fetched: Aug. 29, 2025, 10:05 a.m., Published: Jan. 29, 7694, midnight
 Vulnerabilities: denial of service, integer overflow
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-49796, CVE-2025-6170, CVE-2025-49794, CVE-2025-6021

CVE-2025-48000: Critical Privilege Escalation Vulnerability in Windows Connected Devices Platform Service - Cybersecurity Exploit Tracker by Ameeba

Trust: 4.75

Fetched: Aug. 29, 2025, 10:05 a.m., Published: Aug. 17, 2025, 7:41 p.m.
 Vulnerabilities: privilege escalation, use after free
Affected productsExternal IDs
db: NVD ids: CVE-2025-48000

How Cybersecurity Tools Are Protecting Healthcare IoT Devices

Trust: 3.25

Fetched: Aug. 29, 2025, 10:04 a.m., Published: Aug. 8, 2025, 8:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: antivirus
vendor: samsung model: samsung
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy

Cisco NX-OS Software Sensitive Log Information Disclosure Vulnerability

Trust: 5.0

Fetched: Aug. 29, 2025, 10:02 a.m., Published: Aug. 27, 2025, 3:57 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus 7000
vendor: cisco model: nx-os software
vendor: cisco model: series switches
vendor: cisco model: nexus 3000
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: nexus 9000
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus

Wireless Attacks - GeeksforGeeks

Trust: 4.25

Fetched: Aug. 29, 2025, 10:02 a.m., Published: Jan. 16, 2019, 7:47 p.m.
 Vulnerabilities: replay attack, denial of service, service disruption...
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: aircrack-ng model: aircrack-ng