Sign-up

VARIoT news about IoT security

Critical Vulnerabilities Uncovered in Zero Trust Network Access Products of

Trust: 3.5

Fetched: Aug. 15, 2025, 9:35 a.m., Published: Aug. 15, 2025, 1:02 p.m.
 Vulnerabilities: authentication bypass, session hijacking, privilege escalation...
Affected productsExternal IDs
vendor: check point model: check point

Auto-Color Backdoor: How Darktrace Thwarted a Stealthy Linux Intrusion

Related entries in the VARIoT vulnerabilities database: VAR-202504-3437

Trust: 3.5

Fetched: Aug. 15, 2025, 9:34 a.m., Published: July 29, 2025, midnight
 Vulnerabilities: object injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-31324

CVE-2025-20127 - Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 3100 and 4200 Series TLS Cipher Denial of Service Vulnerability - SecAlerts

Trust: 5.75

Fetched: Aug. 15, 2025, 9:33 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: firepower threat defense
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense software
vendor: cisco model: adaptive security appliance
vendor: cisco model: cisco adaptive security appliance software
vendor: cisco model: series
vendor: cisco model: adaptive security appliance software
db: NVD ids: CVE-2025-20127

CVE-2025-8393 : TLS Vulnerability in Dreametech Phone Application for Connected Device Management

Trust: 3.25

Fetched: Aug. 15, 2025, 9:33 a.m., Published: Aug. 8, 2025, 4:23 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-8393

CVE-2025-20133 - Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability - SecAlerts

Trust: 6.0

Fetched: Aug. 15, 2025, 9:32 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
db: NVD ids: CVE-2025-20133

What is IoT Security? | Definition from TechTarget

Trust: 4.0

Fetched: Aug. 15, 2025, 9:31 a.m., Published: Aug. 15, 2024, midnight
 Vulnerabilities: default credentials, buffer overflow, code execution
Affected productsExternal IDs
vendor: essential model: phone
vendor: tesla model: model
vendor: trend model: antivirus
vendor: trend model: security
vendor: trend model: internet security
vendor: trend micro model: antivirus
vendor: trend micro model: security
vendor: trend micro model: internet security

CVE-2025-20696 : Out of Bounds Write Vulnerability in MediaTek Devices

Trust: 3.25

Fetched: Aug. 15, 2025, 9:30 a.m., Published: Aug. 4, 2025, 2:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-20696

CVE-2025-20253 - Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability - SecAlerts

Trust: 5.75

Fetched: Aug. 15, 2025, 9:29 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: asa software
vendor: cisco model: ios xe software
vendor: cisco model: adaptive security appliance
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios software
db: NVD ids: CVE-2025-20253

CVE-2025-20243 - Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability - SecAlerts

Trust: 6.0

Fetched: Aug. 15, 2025, 9:29 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
db: NVD ids: CVE-2025-20243

Pixel Update Bulletin-August 2025 | Android Open Source Project

Trust: 4.5

Fetched: Aug. 15, 2025, 9:28 a.m., Published: Aug. 15, 2025, midnight
 Vulnerabilities: information disclosure, denial of service, code execution
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2025-26784

CVE-2025-20251 - Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Software Authenticated Arbitrary File Deletion - SecAlerts

Trust: 4.75

Fetched: Aug. 15, 2025, 9:28 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
db: NVD ids: CVE-2025-20251

CVE-2025-37103 - Hard-Coded Credentials Vulnerability in HPE…

Trust: 3.75

Fetched: Aug. 15, 2025, 9:27 a.m., Published: Aug. 9, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: aruba model: aruba instant
vendor: aruba model: instant
db: NVD ids: CVE-2025-37103

SploitLight: Microsoft warns macOS flaw could leak Apple Intelligence metadata - 9to5Mac

Trust: 3.75

Fetched: Aug. 15, 2025, 9:27 a.m., Published: July 28, 2025, 4:44 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: safari
vendor: apple model: macos
db: NVD ids: CVE-2025-31199

Dahua CCTV Vulnerabilities Enable Root Access on Millions of Devices

Trust: 4.75

Fetched: Aug. 15, 2025, 9:26 a.m., Published: Aug. 14, 2025, 9:36 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: dahua model: camera
vendor: hikvision model: hikvision
vendor: dahua technology model: camera
db: NVD ids: CVE-2022-30563

List components - Microsoft Graph v1.0 | Microsoft Learn

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.0

Fetched: Aug. 15, 2025, 9:26 a.m., Published: April 4, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

cisco-sa-fmc-html-inj-MqjrZrny - Cisco Secure Firewall Management Center Software HTML Injection Vulnerability - SecAlerts

Trust: 3.5

Fetched: Aug. 15, 2025, 9:26 a.m., Published: -
 Vulnerabilities: improper validation, request forgery
Affected productsExternal IDs

LG Innotek Camera Vulnerabilities Let Attackers Gain Administrative Access

Trust: 4.0

Fetched: Aug. 15, 2025, 9:25 a.m., Published: July 28, 2025, 8:25 a.m.
 Vulnerabilities: authentication bypass, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-7742

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability

Trust: 4.75

Fetched: Aug. 15, 2025, 9:25 a.m., Published: Aug. 14, 2025, 3:53 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
vendor: cisco model: asa software
vendor: cisco model: firepower

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

Trust: 3.0

Fetched: Aug. 15, 2025, 9:24 a.m., Published: July 25, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability

Trust: 3.75

Fetched: Aug. 15, 2025, 9:24 a.m., Published: Aug. 14, 2025, 3:53 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
vendor: cisco model: asa software