Sign-up

VARIoT news about IoT security

Chinese energy tech exports found to contain hidden comms and radio devices | TechRadar

Trust: 4.75

Fetched: May 23, 2025, 9:22 a.m., Published: May 14, 2025, 7:11 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: huawei model: huawei

CVE-2025-4975 : Notification Access Vulnerability in TP-Link Smart Devices

Trust: 3.25

Fetched: May 23, 2025, 9:20 a.m., Published: May 22, 2025, 9:17 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-4975

Update Canonical Ubuntu Server: USN-7468-1: Linux kernel (Azure, N-Series) vulnerabilities

Trust: 3.25

Fetched: May 23, 2025, 9:20 a.m., Published: Jan. 23, 7468, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Cisco Unified Contact Center Enterprise Cloud Connect Insufficient Access Control Vulnerability

Trust: 5.0

Fetched: May 23, 2025, 9:20 a.m., Published: May 21, 2025, 3:52 p.m.
 Vulnerabilities: access control vulnerability
Affected productsExternal IDs
vendor: cisco model: unified contact center enterprise
vendor: cisco model: cisco unified contact center enterprise

Surface Pro 7 Plus May 2025 update is now available to install via Windows Update

Trust: 5.0

Fetched: May 23, 2025, 9:19 a.m., Published: May 20, 2025, 4 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2022-36392, CVE-2022-38102

Cisco IOS, IOS XE, and IOS XR Software TWAMP Denial of Service Vulnerability

Trust: 3.5

Fetched: May 23, 2025, 9:18 a.m., Published: May 7, 2025, 3:53 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xr software
vendor: cisco model: ios xr

dirtyZero IPA Download - Hide Dock & Home Bar on iOS 16 to 18.3.2 (No Jailbreak) - iDevice Central

Trust: 3.5

Fetched: May 23, 2025, 9:12 a.m., Published: May 10, 2025, 1:06 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: apple model: iphone
db: NVD ids: CVE-2025-24203

Microsoft rolled out new firmware updates (May 20, 2025) for Surface Laptop 6

Trust: 5.0

Fetched: May 23, 2025, 9:12 a.m., Published: May 20, 2025, 4 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-44074, CVE-2024-21864

Update Canonical Ubuntu Server: USN-7483-1: OpenJDK 21 vulnerabilities

Trust: 6.0

Fetched: May 21, 2025, 6:33 p.m., Published: Jan. 21, 7483, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-21587, CVE-2025-30698, CVE-2025-30691

GeoVision Devices OS Command Injection Vulnerability - vulnerability database | Vulners.com

Trust: 3.0

Fetched: May 21, 2025, 6:32 p.m., Published: May 7, 2025, midnight
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs

Cisco Secure Network Analytics Manager API Authorization Vulnerability

Trust: 4.25

Fetched: May 21, 2025, 6:31 p.m., Published: May 21, 2025, 3:52 p.m.
 Vulnerabilities: authorization vulnerability
Affected productsExternal IDs

Cisco IOS Software Industrial Ethernet Switch Device Manager Privilege Escalation Vulnerability

Trust: 4.0

Fetched: May 21, 2025, 6:30 p.m., Published: May 7, 2025, 3:53 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: industrial ethernet
vendor: cisco model: ios xe
vendor: cisco model: device manager
vendor: cisco model: ios software

Update Cisco Catalyst 1000 Series: Fixed: Cisco IOS Software and IOS XE Software IKEv2 Denial ofService Vulnerability

Trust: 3.5

Fetched: May 21, 2025, 6:30 p.m., Published: -
 Vulnerabilities: privilege escalation, denial of service
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: series
vendor: cisco model: industrial ethernet
vendor: cisco model: ios xe
vendor: cisco model: device manager
vendor: cisco model: catalyst
vendor: cisco model: ios software
vendor: cisco model: ios xr
vendor: cisco model: ios xr software
vendor: cisco model: cisco ios xe

AirBorne Vulnerabilities Threaten AirPlay Users, Do These Security Tips Now!

Trust: 5.0

Fetched: May 21, 2025, 6:29 p.m., Published: May 22, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos

CVE-2025-37969 : Linux Kernel Vulnerability in ST LSM6DSX IMU Device

Trust: 3.25

Fetched: May 21, 2025, 6:27 p.m., Published: May 20, 2025, 4:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-37969

CVE-2025-37974 : Linux Kernel Vulnerability in s390/pci Affects Device Creation

Trust: 3.25

Fetched: May 21, 2025, 6:26 p.m., Published: May 20, 2025, 4:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-37974

Cisco IOS XE SD-WAN Software Packet Filtering Bypass Vulnerability - Cisco

Trust: 3.0

Fetched: May 21, 2025, 6:26 p.m., Published: May 7, 2025, 11:18 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: router
vendor: cisco model: cisco ios
vendor: cisco model: nx-os
vendor: cisco model: ios xe
vendor: cisco model: catalyst
vendor: cisco model: routers
vendor: cisco model: nx-os software
vendor: cisco model: ios xe sd-wan software
vendor: cisco model: ios software
vendor: cisco model: sd-wan
vendor: cisco model: cisco sd-wan
vendor: cisco model: cisco ios xe

TP-Link AX21 Router Devices Multiple Vulnerabilities (Apr 2023) (CVE-2023-1389, CVE-2023-27359) - Vulnerability & Exploit Database

Related entries in the VARIoT vulnerabilities database: VAR-202303-1268, VAR-202304-1960

Trust: 3.0

Fetched: May 21, 2025, 6:25 p.m., Published: April 21, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-1389, CVE-2023-27359

Cisco IOS XE Software Privilege Escalation Vulnerabilities - Cisco

Trust: 4.0

Fetched: May 21, 2025, 6:25 p.m., Published: May 9, 2025, 6:18 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco model: cisco ios xe

CVE-2025-37970 : Linux Kernel St_LSM6DSX IMU Device Lockup Vulnerability

Trust: 3.25

Fetched: May 21, 2025, 6:24 p.m., Published: May 20, 2025, 4:47 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-37970