Sign-up

VARIoT news about IoT security

CVE-2025-37147 - Secure Boot Bypass allows for Compromise of Hardware Root of Trust

Trust: 3.0

Fetched: Nov. 11, 2025, 9:24 a.m., Published: Oct. 14, 2025, 5:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-37147

CISA Warns of Samsung Mobile Devices 0-Day RCE Vulnerability Exploited in Attacks - Cyber Web Spider Blog - News

Trust: 5.75

Fetched: Nov. 11, 2025, 9:23 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: samsung
vendor: samsung model: mobile
db: NVD ids: CVE-2025-21043, CVE-2025-21042

Advantech DeviceOn/iEdge | CISA

Trust: 4.5

Fetched: Nov. 11, 2025, 9:23 a.m., Published: Nov. 1, 2025, midnight
 Vulnerabilities: code execution, cross-site scripting, path traversal...
Affected productsExternal IDs
db: NVD ids: CVE-2025-64302, CVE-2025-59171, CVE-2025-62630, CVE-2025-58423

CVE-2025-63835 - Tenda AC18 Stack-Based Buffer Overflow Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202511-0360

Trust: 6.0

Fetched: Nov. 11, 2025, 9:23 a.m., Published: Nov. 10, 2025, 5:15 p.m.
 Vulnerabilities: denial of service, code execution, buffer overflow
Affected productsExternal IDs
vendor: tenda model: ac18
db: NVD ids: CVE-2025-63835

IPhone Users No Longer Immune To Cyber Fraud | TheReviewHive

Trust: 4.5

Fetched: Nov. 11, 2025, 9:22 a.m., Published: Nov. 11, 2025, 6:59 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: iphone
db: NVD ids: CVE-2025-43300

Worrying WatchGuard VPN bug could let hackers hijack your devices - here's how to stay safe - AIVAnet

Trust: 5.75

Fetched: Nov. 11, 2025, 9:22 a.m., Published: Oct. 21, 2025, 8:40 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: watchguard model: fireware
vendor: watchguard model: watchguard fireware
db: NVD ids: CVE-2025-9242

LANDFALL: Advanced Commercial-Grade Spyware Targeting Samsung Devices | eSecurity Planet

Trust: 4.5

Fetched: Nov. 11, 2025, 9:22 a.m., Published: Nov. 10, 2025, 3:39 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: palo model: networks
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-55177, CVE-2025-21043, CVE-2025-21042, CVE-2025-43300

CVE-2025-43418 - Apple iOS Locked Device Information Disclosure Vulnerability

Trust: 6.0

Fetched: Nov. 11, 2025, 9:21 a.m., Published: Nov. 5, 2025, 7:15 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: apple model: iphone_os
db: NVD ids: CVE-2025-43418

CISA Warns of Actively Exploited 0-Day RCE Vulnerability in Samsung Mobile Devices

Trust: 3.5

Fetched: Nov. 11, 2025, 9:21 a.m., Published: Nov. 11, 2025, 7:19 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: samsung
vendor: samsung model: mobile

CISA Issues Alert on Samsung 0-Day RCE Flaw Actively Exploited in Attacks

Trust: 5.75

Fetched: Nov. 11, 2025, 9:20 a.m., Published: Nov. 11, 2025, 6:53 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: note
vendor: samsung model: samsung
vendor: samsung model: mobile
db: NVD ids: CVE-2025-21042

Qatar Cybersecurity Warns Users Of Android Device Threat: Zero Click Vulnerability

Trust: 3.0

Fetched: Nov. 11, 2025, 9:19 a.m., Published: Nov. 9, 2025, 1:37 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

CISA Warns of Samsung Mobile Devices 0-Day RCE Vulnerability Exploited in

Trust: 4.25

Fetched: Nov. 11, 2025, 9:19 a.m., Published: Nov. 11, 2025, 12:35 p.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung mobile
vendor: samsung model: samsung
vendor: samsung model: mobile
db: NVD ids: CVE-2025-21042

Commercial spyware targeted Samsung Galaxy users for months - iTnews

Trust: 4.75

Fetched: Nov. 11, 2025, 9:18 a.m., Published: Nov. 11, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: palo model: networks
vendor: google model: android
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-55177, CVE-2025-21043, CVE-2025-21042, CVE-2025-43300

Seven QNAP Zero-Day Vulnerabilities Fixed Ahead of Pwn2Own 2025

Trust: 4.75

Fetched: Nov. 11, 2025, 9:18 a.m., Published: Nov. 9, 2025, 7 p.m.
 Vulnerabilities: privilege elevation, command injection, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-62840, CVE-2025-11837, CVE-2025-62849, CVE-2025-62847, CVE-2025-62848, CVE-2025-62842

Access Denied

Trust: 3.0

Fetched: Nov. 11, 2025, 9:17 a.m., Published: Nov. 18, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: samsung

Cross-Platform AI Browser Security: Multi-Device Protection Massachusetts | Kief Studio | Kief Studio

Trust: 4.25

Fetched: Nov. 11, 2025, 9:15 a.m., Published: Nov. 7, 2025, 3:04 a.m.
 Vulnerabilities: security bypass, information exposure
Affected productsExternal IDs
vendor: essential model: phone

Warning: Critical Dahua Security Flaw (CVE-2025-31702) Allows Full Takeover - Update Now! - CCTV Wiki

Trust: 5.0

Fetched: Nov. 11, 2025, 9:15 a.m., Published: Nov. 11, 2025, 3:22 a.m.
 Vulnerabilities: weak password
Affected productsExternal IDs
db: NVD ids: CVE-2025-31702

Samsung phones under threat from this dangerous new spyware cyberattack - here's how to stay safe | TechRadar

Trust: 5.75

Fetched: Nov. 11, 2025, 9:13 a.m., Published: Nov. 10, 2025, 4:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: samsung
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
db: NVD ids: CVE-2025-21042

LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices

Trust: 4.5

Fetched: Nov. 11, 2025, 9:11 a.m., Published: Nov. 7, 2025, 3 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: installer
vendor: apple model: mac os x
vendor: apple model: mac os
vendor: palo model: networks
vendor: google model: android
vendor: google model: home
vendor: google model: chrome
vendor: samsung model: mobile devices
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: gallery
vendor: samsung model: note
vendor: samsung model: mobile
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-55177, CVE-2025-21043, CVE-2025-21042, CVE-2025-43300

Multiple Cisco Contact Center Products Vulnerabilities - Cisco

Trust: 5.5

Fetched: Nov. 9, 2025, 11:36 a.m., Published: Nov. 5, 2025, 1:09 p.m.
 Vulnerabilities: directory traversal, file upload vulnerability, improper validation...
Affected productsExternal IDs
vendor: cisco model: cisco unified intelligence center
vendor: cisco model: unified intelligence center
vendor: cisco model: unified ccx
db: NVD ids: CVE-2025-20377, CVE-2025-20374, CVE-2025-20376, CVE-2025-20375