Sign-up

VARIoT news about IoT security

China-linked attacker hit France’s critical infrastructure via trio of Ivanti zero-days last year | CyberScoop

Trust: 3.75

Fetched: July 8, 2025, 11:51 a.m., Published: July 3, 2025, 3:44 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-8963, CVE-2024-8190, CVE-2024-9380

CVE-2025-41672 (CVSS 10): Critical JWT Certificate Flaw in WAGO Device Sphere Allows Full Remote Takeover

Trust: 4.0

Fetched: July 8, 2025, 11:32 a.m., Published: July 8, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: wago model: wago
db: NVD ids: CVE-2025-41672

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: July 8, 2025, 11:22 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

Wegbeschreibungen abrufen und Routen in Google Maps anzeigen - Android - Google Maps-Hilfe

Trust: 3.5

Fetched: July 8, 2025, 11:09 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

[no-title]

Trust: 3.0

Fetched: July 8, 2025, 11:04 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

[no-title]

Trust: 3.0

Fetched: July 8, 2025, 11:04 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

Pesquise localizações no Google Maps - Computador - Google Maps Ajuda

Trust: 3.0

Fetched: July 8, 2025, 9:21 a.m., Published: July 8, 2780, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Download areas & navigate offline in Google Maps - Android - Google Maps Help

Trust: 3.25

Fetched: July 8, 2025, 9:20 a.m., Published: July 6, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Plan your commute or trip - Computer - Google Maps Help

Trust: 3.0

Fetched: July 8, 2025, 9:20 a.m., Published: Jan. 24, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet - Cyber Security Review

Trust: 5.5

Fetched: July 6, 2025, 12:10 p.m., Published: June 17, 2025, 8:10 a.m.
 Vulnerabilities: code execution, injection attack
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2024-53677, CVE-2025-3248, CVE-2024-12356

Your Bluetooth Headphones Might Be Spying On You - Dataconomy

Trust: 5.0

Fetched: July 6, 2025, 12:09 p.m., Published: July 1, 2025, 1:48 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-20700, CVE-2025-20701, CVE-2025-20702

AVTech IP Camera, DVR, and NVR Devices Multiple Vulnerabilities | Advisories | VulnCheck

Related entries in the VARIoT vulnerabilities database: VAR-201705-3255, VAR-201912-1601

Trust: 6.0

Fetched: July 6, 2025, 12:09 p.m., Published: July 6, 2025, midnight
 Vulnerabilities: buffer overflow, cross-site request forgery, os command injection...
Affected productsExternal IDs
vendor: avtech model: ip camera
db: NVD ids: CVE-2025-34055, CVE-2025-34050, CVE-2017-5173, CVE-2025-34054, CVE-2025-34053, CVE-2020-9312, CVE-2025-34056, CVE-2025-34065, CVE-2025-34066, CVE-2013-4985, CVE-2025-34052, CVE-2025-34051

Apple Messages security flaw was used to spy on journalists

Trust: 4.5

Fetched: July 6, 2025, 12:08 p.m., Published: June 19, 2025, 4:14 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: ipad
vendor: apple model: watch
vendor: apple model: iphone
vendor: apple model: macbook
db: NVD ids: CVE-2025-43200

Xiaomi HyperOS June 2025 Security Patch Rolls Out: Critical Vulnerabilities Fixed

Trust: 5.75

Fetched: July 6, 2025, 12:07 p.m., Published: June 20, 2025, 9:35 a.m.
 Vulnerabilities: memory corruption, information disclosure, privilege escalation...
Affected productsExternal IDs
vendor: xiaomi model: redmi
db: NVD ids: CVE-2025-26452, CVE-2025-26449, CVE-2025-26463, CVE-2025-26448, CVE-2025-26432, CVE-2025-26455, CVE-2025-26437, CVE-2025-26450

Cisco Unified CM Vulnerability Allows Remote Attacker to Login As Root User

Trust: 4.75

Fetched: July 6, 2025, 12:06 p.m., Published: July 3, 2025, 8:12 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: cisco model: unified communications
vendor: cisco model: cisco unified communications manager
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: unified communications manager
db: NVD ids: CVE-2025-20309

20 Best Endpoint Management Tools - 2025

Trust: 3.5

Fetched: July 6, 2025, 12:05 p.m., Published: July 1, 2025, 7:04 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: tvos
vendor: apple model: macos
vendor: symantec model: endpoint protection
vendor: symantec model: antivirus
vendor: symantec model: data loss prevention

CVE-2025-30131: Unauthenticated File Upload Vulnerability in IROAD Dashcam FX2 Devices - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.0

Fetched: July 6, 2025, noon, Published: July 2, 2025, 7:06 p.m.
 Vulnerabilities: file upload vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2025-30131

"CitrixBleed 2" Vulnerability PoC Released - Warns of Potential Widespread Exploitation

Trust: 5.5

Fetched: July 6, 2025, 11:54 a.m., Published: July 5, 2025, 1:39 p.m.
 Vulnerabilities: memory leak, session hijacking, authentication bypass
Affected productsExternal IDs
vendor: comcast model: xfinity
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: xfinity model: gateway
db: NVD ids: CVE-2023-4966, CVE-2025-5777

What is the HIKVISION ApplyCT Vulnerability and How Does it Impact Surveillance Devices? - Web Asha Technologies

Trust: 5.25

Fetched: July 6, 2025, 11:53 a.m., Published: July 10, 2025, midnight
 Vulnerabilities: command execution, code execution
Affected productsExternal IDs
vendor: hikvision model: ip cameras
vendor: hikvision model: hikvision
db: NVD ids: CVE-2025-34067

Critical HIKVISION ApplyCT Vulnerability Exposes Devices to Code Execution Attacks

Trust: 5.75

Fetched: July 6, 2025, 11:53 a.m., Published: July 4, 2025, 10:08 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: hikvision model: hikvision
db: NVD ids: CVE-2025-34067