Sign-up

VARIoT news about IoT security

7000+ Citrix NetScaler Devices Still Vulnerable to CVE-2025-5777 and

Trust: 4.25

Fetched: Aug. 22, 2025, 9:39 a.m., Published: Aug. 20, 2025, midnight
 Vulnerabilities: authentication bypass, code execution
Affected productsExternal IDs
vendor: citrix model: netscaler
vendor: citrix model: gateway
vendor: citrix model: netscaler gateway
db: NVD ids: CVE-2025-6543, CVE-2025-5777

CVE-2025-43300 affects Apple Products - TheCyberThrone

Related entries in the VARIoT vulnerabilities database: VAR-201704-1556, VAR-202206-0056, VAR-201505-0274, VAR-202201-1001

Trust: 5.5

Fetched: Aug. 22, 2025, 9:38 a.m., Published: Aug. 22, 2025, 2:48 a.m.
 Vulnerabilities: file upload vulnerability, memory overwrite, code execution...
Affected productsExternal IDs
vendor: realtek model: realtek sdk
vendor: zyxel model: emg2926
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: samsung model: samsung mobile
vendor: samsung model: samsung
vendor: apple model: ipad
vendor: apple model: tvos
vendor: apple model: iphone
vendor: apple model: itunes
vendor: apple model: webkit
vendor: apple model: watchos
vendor: apple model: ipad air
vendor: apple model: safari
vendor: apple model: macos
db: NVD ids: CVE-2021-3129, CVE-2017-6884, CVE-2022-31459, CVE-2014-8361, CVE-2022-22265, CVE-2025-24201, CVE-2025-43300

CISA Warns Of ICS Vulnerabilities In Siemens, Tigo, EG4

Related entries in the VARIoT vulnerabilities database: VAR-202508-0152

Trust: 4.75

Fetched: Aug. 22, 2025, 9:38 a.m., Published: Aug. 22, 2025, 7:32 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: wibu model: codemeter
vendor: siemens model: desigo cc
db: NVD ids: CVE-2025-53520, CVE-2025-47872, CVE-2025-40758, CVE-2025-7769, CVE-2025-47809, CVE-2025-52586, CVE-2025-46414, CVE-2025-7770, CVE-2025-7768

Russian hackers are using an old Cisco flaw to target network devices - here’s how you can stay safe | IT Pro

Related entries in the VARIoT vulnerabilities database: VAR-201803-1387

Trust: 3.75

Fetched: Aug. 22, 2025, 9:37 a.m., Published: Aug. 21, 2025, 10:30 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: cisco ios xe
vendor: cisco model: ios software
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
db: NVD ids: CVE-2018-0171

Cisco Identity Services Engine Arbitrary File Upload Vulnerability

Trust: 5.0

Fetched: Aug. 22, 2025, 9:37 a.m., Published: Aug. 20, 2025, 4:43 p.m.
 Vulnerabilities: file upload vulnerability
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

CVE-2025-20269 - Cisco Evolved Programmable Network Manager and Prime Infrastructure Arbitrary File Download Vulnerability - SecAlerts

Trust: 4.75

Fetched: Aug. 22, 2025, 9:35 a.m., Published: -
 Vulnerabilities: file download vulnerability
Affected productsExternal IDs
vendor: cisco model: prime infrastructure
vendor: cisco model: evolved programmable network manager
vendor: cisco model: cisco evolved programmable network manager
db: NVD ids: CVE-2025-20269

iPhone, iPad and Mac users beware! Hackers can hijack your device with one image: How to be safe

Trust: 4.75

Fetched: Aug. 22, 2025, 9:35 a.m., Published: Aug. 21, 2025, 2:14 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: iphone

Update Microsoft SQL Server 2017: KB5063759: Fixes a SQL injection vulnerability in a system stored procedure

Trust: 3.0

Fetched: Aug. 22, 2025, 9:35 a.m., Published: Aug. 22, 2017, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-53727, CVE-2025-49759, CVE-2025-49758, CVE-2025-24999

Update Microsoft SQL Server 2017: KB5063760: Fixes a SQL injection vulnerability in a system stored procedure.

Trust: 4.0

Fetched: Aug. 22, 2025, 9:34 a.m., Published: Aug. 22, 2017, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-53727, CVE-2025-49759, CVE-2025-49758, CVE-2025-24999

Cisco Identity Services Engine Arbitrary File Upload Vulnerability

Trust: 5.0

Fetched: Aug. 22, 2025, 9:34 a.m., Published: Aug. 20, 2025, 4:43 p.m.
 Vulnerabilities: file upload vulnerability
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

The Root(ing) Of All Evil: Security Holes That Could Compromise Your Mobile Device

Trust: 3.75

Fetched: Aug. 22, 2025, 9:33 a.m., Published: Aug. 13, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-48336

CVE-2025-43986: Unauthenticated Telnet Service Vulnerability in KuWFi GC111 Devices - Cybersecurity Exploit Tracker by Ameeba

Trust: 3.0

Fetched: Aug. 22, 2025, 9:33 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-43986

Critical HashiCorp Vulnerability Allows Attackers to Run Code on Host Machine

Trust: 4.75

Fetched: Aug. 22, 2025, 9:32 a.m., Published: Aug. 4, 2025, 6:02 a.m.
 Vulnerabilities: code execution, file execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-6000

Vulnerability Assessment and Patch Management - IT Exams Training - ActualTests

Trust: 3.75

Fetched: Aug. 22, 2025, 9:31 a.m., Published: Aug. 22, 2020, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: citrix model: application delivery controller

iPhone And Mac Users Alert! One Malicious Image Could Let Hackers Take Over Your Device

Trust: 4.75

Fetched: Aug. 22, 2025, 9:30 a.m., Published: June 18, 2002, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: iphone

Cisco Identity Services Engine Arbitrary File Upload Vulnerability (CVE-2025-20131)

Trust: 5.0

Fetched: Aug. 22, 2025, 9:30 a.m., Published: Aug. 21, 2025, 9:38 a.m.
 Vulnerabilities: file upload vulnerability
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine
db: NVD ids: CVE-2025-20131

Update Microsoft SQL Server 2019: KB5063758: Fixes a vulnerability that lets users who have access to certain stored procedure

Trust: 3.0

Fetched: Aug. 22, 2025, 9:29 a.m., Published: Aug. 22, 2019, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-53727, CVE-2025-49759, CVE-2025-49758, CVE-2025-24999

CVE-2025-43982: Hidden Hard-coded Root Account in Shenzhen Tuoshi NR500-EA Devices - Cybersecurity Exploit Tracker by Ameeba

Trust: 3.0

Fetched: Aug. 22, 2025, 9:29 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-43982

FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations | Cybersecurity Dive

Related entries in the VARIoT vulnerabilities database: VAR-201803-1387

Trust: 4.0

Fetched: Aug. 22, 2025, 9:28 a.m., Published: Aug. 20, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios software
db: NVD ids: CVE-2018-0171

CISA: 3 Urgent ICS/Medical Advisories (MELSEC iQ-F, Mitsubishi AC, Synapse Mobility) | Windows Forum

Trust: 3.25

Fetched: Aug. 22, 2025, 9:23 a.m., Published: Aug. 21, 2025, 4:10 p.m.
 Vulnerabilities: authentication bypass, privilege escalation
Affected productsExternal IDs
vendor: mitsubishi electric model: melsec iq-f
vendor: mitsubishielectric model: melsec iq-f
vendor: mitsubishi model: melsec iq-f