Sign-up

VARIoT news about IoT security

Top IoT Vulnerabilities: How to Secure Smart Devices in 2025 - AstrillVPN Blog

Trust: 3.25

Fetched: July 23, 2025, 12:12 p.m., Published: July 22, 2025, 11:25 a.m.
 Vulnerabilities: buffer overflow, default credentials, cross-site scripting...
Affected productsExternal IDs

Mazāk "konču" un piena. Kā pusaudzim atbrīvoties no pumpām? - Santa

Trust: 3.0

Fetched: July 23, 2025, 11:07 a.m., Published: July 23, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: roku model: roku

Niezošas pumpas bērnam. No kā tās varētu būt? | Veselam.lv

Trust: 3.0

Fetched: July 23, 2025, 11:07 a.m., Published: July 23, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: roku model: roku

Sped - Trans : Przedsiębiorstwo usługowo - spedycyjne. Import, export, tranzyt, spedycja, transport, logistyka. Gdynia.

Trust: 3.0

Fetched: July 23, 2025, 9:57 a.m., Published: July 23, 2000, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: roku model: roku

Tłumaczenie tekstu pisanego - Komputer - Google Translate - Pomoc

Trust: 3.0

Fetched: July 23, 2025, 9:29 a.m., Published: July 23, 5000, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome

Update Canonical Ubuntu Desktop: USN-7628-1: Linux kernel (Azure) vulnerabilities

Trust: 3.75

Fetched: July 22, 2025, 9:59 a.m., Published: Jan. 22, 7628, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
vendor: alsa model: alsa
vendor: acrn model: acrn
db: NVD ids: CVE-2025-2312

CVE-2025-32879: Unauthenticated Access Vulnerability in COROS PACE 3 Devices - Cybersecurity Exploit Tracker by Ameeba

Trust: 3.0

Fetched: July 22, 2025, 9:59 a.m., Published: June 26, 2025, 2:02 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-32879

Microsoft Patch Tuesday, July 2025 Edition - Krebs on Security

Trust: 4.0

Fetched: July 22, 2025, 9:58 a.m., Published: July 22, 2025, midnight
 Vulnerabilities: code execution, information disclosure, authentication vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2025-47178, CVE-2025-49695, CVE-2025-49697, CVE-2025-49696, CVE-2025-47981, CVE-2025-49740, CVE-2025-49702, CVE-2025-49719

HIKVISION Vulnerability Exposes Devices to Code Execution Attacks

Trust: 4.25

Fetched: July 22, 2025, 9:57 a.m., Published: July 3, 2025, midnight
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: hikvision model: ip cameras
vendor: hikvision model: hikvision

SoC Vulnerabilities in Medical Devices: What Manufacturers Need to Know - Blue Goat Cyber

Trust: 4.75

Fetched: July 22, 2025, 9:56 a.m., Published: April 7, 2024, 5:22 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: siemens model: nucleus
vendor: siemens model: nucleus rtos

Critical Remote Takeover Vulnerability in WAGO Device Sphere - Advisories

Trust: 4.25

Fetched: July 22, 2025, 9:56 a.m., Published: July 10, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: wago model: wago
db: NVD ids: CVE-2025-6491, CVE-2025-41672, CVE-2025-1735

Malware Identified in Attacks Exploiting Ivanti Connect Secure Vulnerabilities

Trust: 4.0

Fetched: July 22, 2025, 9:55 a.m., Published: July 18, 2025, 3:42 p.m.
 Vulnerabilities: privilege escalation, password guessing, code insertion
Affected productsExternal IDs
db: NVD ids: CVE-2025-0282, CVE-2025-22457

CVE-2025-32877: Critical Authentication Bypass Vulnerability in COROS PACE 3 Devices - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.0

Fetched: July 22, 2025, 9:55 a.m., Published: June 26, 2025, 6:58 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-32877

Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy

Trust: 4.25

Fetched: July 22, 2025, 9:54 a.m., Published: July 20, 2025, 5:31 p.m.
 Vulnerabilities: command execution, arbitrary command execution
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: snort model: snort
vendor: palo model: networks
vendor: palo model: firewall
db: NVD ids: CVE-2025-0282, CVE-2025-22457

Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities - Cisco

Trust: 4.75

Fetched: July 22, 2025, 9:53 a.m., Published: July 21, 2025, 11:40 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
db: NVD ids: CVE-2025-20337

Critical Cisco ISE Vulnerability Allows Remote Attacker to Execute Commands as Root User

Trust: 4.5

Fetched: July 22, 2025, 9:53 a.m., Published: July 17, 2025, 2:39 a.m.
 Vulnerabilities: code execution, file execution
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
vendor: cisco model: identity services engine
vendor: cisco model: network access control
db: NVD ids: CVE-2025-20282, CVE-2025-20281, CVE-2025-20337

Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities

Trust: 5.75

Fetched: July 22, 2025, 9:53 a.m., Published: July 21, 2025, 6:03 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
db: NVD ids: CVE-2025-20337

Critical FortiGate 100F SSL-VPN Vulnerability Exploited | Black Hat Ethical Hacking

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 5.0

Fetched: July 22, 2025, 9:52 a.m., Published: June 24, 2025, 5:25 p.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

Impact of Firmware Vulnerabilities on Device Security - FBI Support Cyber Law Knowledge Base

Trust: 3.75

Fetched: July 22, 2025, 9:51 a.m., Published: July 5, 2025, 4:15 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

Ctrl+Panic: Rapid7 warns of serious vulnerabilities in hundreds of Brother printer models - Cyber Daily

Trust: 4.75

Fetched: July 22, 2025, 9:50 a.m., Published: June 25, 2025, 8 a.m.
 Vulnerabilities: default administrator password, authentication bypass, default password...
Affected productsExternal IDs
db: NVD ids: CVE-2024-51978, CVE-2024-51982, CVE-2024-51981, CVE-2024-51983, CVE-2024-51980, CVE-2024-51984, CVE-2024-51977, CVE-2024-51979