VARIoT latest news about IoT security

CVE-2025-20248 - Cisco IOS XR Software Image Verification Bypass Vulnerability - SecAlerts Trust: 3.75 Fetched: Sept. 12, 2025, 11:18 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xr

db:

NVD

ids:

CVE-2025-20248

Apple Fixes CVE-2025-43300 Zero-Day: Protect Your iOS, iPadOS & macOS Now - SecPod Blog Trust: 5.75 Fetched: Sept. 12, 2025, 11:17 a.m., Published: Aug. 22, 2025, 12:34 p.m.	Vulnerabilities: privilege escalation, code execution, memory corruption

Affected products

External IDs

vendor:

apple

model:

macos

db:

NVD

ids:

CVE-2025-43300

CVE-2025-36901: Critical WLAN Vulnerability in Android Affecting Google Pixel Devices - Cybersecurity Exploit Tracker by Ameeba Trust: 3.75 Fetched: Sept. 12, 2025, 11:15 a.m., Published: Sept. 10, 2025, 9:37 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel

db:

NVD

ids:

CVE-2025-36901

CVE-2025-55234 - Vulnerability Details - OpenCVE Trust: 3.0 Fetched: Sept. 12, 2025, 11:12 a.m., Published: Sept. 12, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-55234

Amp’ed RF BT-AP 111 Bluetooth Access Point Vulnerability Let Attackers Trust: 3.5 Fetched: Sept. 12, 2025, 11:12 a.m., Published: Sept. 11, 2025, 10:19 a.m.	Vulnerabilities: authentication flaw

Affected products

External IDs

vendor:	palo	model:	firewall
vendor:	palo	model:	networks
vendor:	wireshark	model:	wireshark
vendor:	cisco	model:	access points

Cisco and FBI Alert: Russian Hacking Campaign Targets Outdated Devices - Cyber Warriors Middle East Related entries in the VARIoT vulnerabilities database: VAR-201803-1387 Trust: 3.5 Fetched: Sept. 12, 2025, 11:11 a.m., Published: Aug. 21, 2025, 3:27 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios software

db:

NVD

ids:

CVE-2018-0171

WhatsApp urges iOS, Mac users to update apps immediately Trust: 3.75 Fetched: Sept. 12, 2025, 11:10 a.m., Published: Sept. 8, 2025, 6:52 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	iphone
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2025-55177, CVE-2025-23300

ERROR: The request could not be satisfied Trust: 3.25 Fetched: Sept. 12, 2025, 11:09 a.m., Published: -	Vulnerabilities: configuration error

Affected products	External IDs

Samsung monthly updates: September 2025 security patch is a big one - SamMobile Trust: 3.75 Fetched: Sept. 12, 2025, 11:09 a.m., Published: Sept. 3, 2025, 10:01 a.m.	Vulnerabilities: improper access control

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	home
vendor:	samsung	model:	samsung
vendor:	samsung	model:	galaxy

Protecting IoT Devices: Enhancing Smart Device Security Against Cyber Attacks Trust: 4.25 Fetched: Sept. 12, 2025, 11:08 a.m., Published: Sept. 8, 2025, 1:06 a.m.	Vulnerabilities: default credentials

Affected products

External IDs

vendor:	palo	model:	networks
vendor:	cisco	model:	access points
vendor:	palo alto networks	model:	networks
vendor:	trend	model:	security

ACSC Warns of Actively Exploited SonicWall Access Control Vulnerability Trust: 5.5 Fetched: Sept. 12, 2025, 11:08 a.m., Published: Sept. 11, 2025, 6:12 a.m.	Vulnerabilities: access control issue, access control flaw, improper access control...

Affected products

External IDs

vendor:	sonicwall	model:	sonicos
vendor:	sonicwall	model:	soho

db:

NVD

ids:

CVE-2024-40766

Siemens SINEC OS \| CISA Trust: 5.5 Fetched: Sept. 12, 2025, 11:07 a.m., Published: Jan. 10, 2023, midnight	Vulnerabilities: resource exhaustion, denial of service

Affected products

External IDs

vendor:

siemens

model:

ruggedcom

db:

NVD

ids:

CVE-2025-40803, CVE-2025-40802

Siemens APOGEE PXC and TALON TC: CVE-2025-40757 BACnet File Leak Explained \| Windows Forum Trust: 5.5 Fetched: Sept. 12, 2025, 11:06 a.m., Published: Sept. 11, 2025, 4:12 p.m.	Vulnerabilities: information disclosure

Affected products

External IDs

vendor:	siemens	model:	talon tc
vendor:	siemens	model:	apogee pxc

db:

NVD

ids:

CVE-2025-40757

CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-202508-2645, VAR-202312-0648 Trust: 6.25 Fetched: Sept. 12, 2025, 11:06 a.m., Published: Sept. 4, 2025, 1:57 p.m.	Vulnerabilities: os command injection, authentication bypass, command injection...

Affected products

External IDs

vendor:	tp-link	model:	wr841n
vendor:	tp-link	model:	archer c7
vendor:	tp-link	model:	tl-wr841n
vendor:	tp-link	model:	routers
vendor:	tp-link	model:	tp-link tl-wr841n
vendor:	tp-link	model:	tl-wr841nd

db:

NVD

ids:

CVE-2025-9377, CVE-2023-50224

2025 September KB5065429 Windows 10 Patch \| 2 Zero Day Vulnerabilities And 81 Flaws HTMD Blog Trust: 3.5 Fetched: Sept. 12, 2025, 11:05 a.m., Published: Sept. 9, 2025, 6:06 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	google	model:	google chrome

db:

NVD

ids:

CVE-2025-55234, CVE-2024-21907

CVE-2025-10127: Daikin Security Gateway Pre-auth Password Reset Flaw \| Windows Forum Trust: 4.5 Fetched: Sept. 12, 2025, 11:04 a.m., Published: Sept. 11, 2025, 4:13 p.m.	Vulnerabilities: weak password, default credentials, password reset flaw

Affected products

External IDs

db:

NVD

ids:

CVE-2025-10127

Frostbyte10 bugs put grocery refrigeration devices at risk • The Register Trust: 3.75 Fetched: Sept. 12, 2025, 11:04 a.m., Published: -	Vulnerabilities: privilege escalation, authentication flaw, denial of service...

Affected products

External IDs

db:

NVD

ids:

CVE-2025-52548, CVE-2025-52551, CVE-2025-6519, CVE-2025-52546, CVE-2025-52543, CVE-2025-52545, CVE-2025-52549, CVE-2025-52544, CVE-2025-52550, CVE-2025-52547

Siemens Apogee PXC and Talon TC Devices \| CISA Trust: 4.5 Fetched: Sept. 12, 2025, 11:02 a.m., Published: Jan. 10, 2023, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	siemens	model:	talon tc
vendor:	siemens	model:	apogee pxc

db:

NVD

ids:

CVE-2025-40757

CVE-2025-20340 \| Tenable® Trust: 6.0 Fetched: Sept. 12, 2025, 11:02 a.m., Published: Sept. 10, 2025, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xr

db:

NVD

ids:

CVE-2025-20340

FalconFeeds.io Blog \| Latest Cyber Threat Intelligence & Security Insights Related entries in the VARIoT vulnerabilities database: VAR-202403-2416 Trust: 4.5 Fetched: Sept. 10, 2025, 9:34 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

vendor:	palo alto networks	model:	networks
vendor:	sonicwall	model:	soho
vendor:	palo	model:	networks
vendor:	barracuda	model:	barracuda

db:

NVD

ids:

CVE-2023-46805, CVE-2024-21887, CVE-2024-23108, CVE-2025-53770, CVE-2024-23109, CVE-2024-21893, CVE-2023-48788, CVE-2025-53771

VARIoT news about IoT security