Sign-up

VARIoT news about IoT security

Multiple vulnerabilities disclosed on multiple Apple operating systems - Information Security at University of Toronto

Trust: 3.0

Fetched: May 2, 2025, 9:23 a.m., Published: May 1, 2025, 5:34 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs

Update Canonical Ubuntu Desktop: USN-7396-1: OVN vulnerability

Trust: 3.25

Fetched: May 2, 2025, 9:22 a.m., Published: Jan. 2, 7396, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

AirPlay Security Flaws Impact Third-Party Devices and Unpatched Apple Products - MacRumors

Trust: 3.75

Fetched: May 2, 2025, 9:21 a.m., Published: May 16, 2025, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: apple model: tvos
vendor: apple model: macos

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends - Blog | TenableĀ®

Related entries in the VARIoT vulnerabilities database: VAR-202401-1629, VAR-202403-2416, VAR-202401-2573

Trust: 4.25

Fetched: May 2, 2025, 9:19 a.m., Published: April 23, 2025, 4:05 a.m.
 Vulnerabilities: improper access control, authentication vulnerability, access control vulnerability...
Affected productsExternal IDs
vendor: palo model: networks globalprotect
vendor: palo model: palo alto networks globalprotect
vendor: palo model: networks
vendor: palo model: pan-os
vendor: citrix model: application delivery controller
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler application delivery controller
vendor: citrix model: netscaler
vendor: citrix model: gateway
vendor: sonicwall model: sonicos
vendor: trend model: security
vendor: palo alto networks model: networks globalprotect
vendor: palo alto networks model: palo alto networks globalprotect
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
vendor: cisco model: netscaler gateway
db: NVD ids: CVE-2023-36845, CVE-2023-6549, CVE-2024-3400, CVE-2023-48788, CVE-2023-46805, CVE-2024-21762, CVE-2024-23113, CVE-2024-20359, CVE-2024-21887, CVE-2024-21893, CVE-2023-6548, CVE-2023-36851, CVE-2024-47575, CVE-2023-36846, CVE-2023-4966, CVE-2023-36847, CVE-2024-40766, CVE-2023-36844

Update Your Apple Devices Now to Keep Them Safe From New AirPlay Vulnerability | Lifehacker

Trust: 4.5

Fetched: May 2, 2025, 9:18 a.m., Published: April 30, 2025, 6:30 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: watch
vendor: apple model: software update

Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape - ThreatsHub Cybersecurity News

Related entries in the VARIoT vulnerabilities database: VAR-202208-1613, VAR-202205-1302, VAR-202108-2070

Trust: 4.75

Fetched: May 2, 2025, 9:18 a.m., Published: May 1, 2025, 5 p.m.
 Vulnerabilities: script execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2022-26696, CVE-2022-26706, CVE-2021-30864, CVE-2025-31191

Your Apple devices are exposed to hackers until you install these updates | KnowTechie

Trust: 3.5

Fetched: May 2, 2025, 9:14 a.m., Published: May 1, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macbook
vendor: apple model: iphone
vendor: apple model: apple tv

Critical Revolution Pi Security Flaws: How to Protect Industrial IoT Devices from Exploitation | Windows Forum

Trust: 4.5

Fetched: May 2, 2025, 9:13 a.m., Published: May 2, 2025, midnight
 Vulnerabilities: authentication bypass, path traversal, cross-site scripting...
Affected productsExternal IDs
db: NVD ids: CVE-2025-24522, CVE-2025-32011, CVE-2025-35996, CVE-2025-36558

Apple AirPlay SDK devices at risk of takeover-make sure you update | Malwarebytes

Trust: 5.5

Fetched: May 2, 2025, 9:12 a.m., Published: May 1, 2025, 12:14 p.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: software update
vendor: apple model: apple tv
db: NVD ids: CVE-2025-24206, CVE-2025-24252, CVE-2025-24132

Zero Click AirPlay Exploit Puts Apple Devices at Risk: Learn How to Protect Your Organization

Trust: 4.5

Fetched: May 2, 2025, 9:12 a.m., Published: May 17, 2025, midnight
 Vulnerabilities: code execution, buffer overflow, use after free
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: macbook
db: NVD ids: CVE-2025-24271, CVE-2025-24137, CVE-2025-24206, CVE-2025-24132, CVE-2025-24252

2 Apple iPhone Zero-Day Vulnerabilities Actively Exploited in Extremely Sophisticated Attacks

Trust: 4.5

Fetched: May 2, 2025, 9:11 a.m., Published: April 16, 2025, 9:57 p.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: software update
db: NVD ids: CVE-2025-31201, CVE-2025-31200

Millions of Apple AirPlay devices susceptible to 'AirBorne' zero-click RCE attacks, so patch now | TechRadar

Trust: 5.5

Fetched: May 2, 2025, 9:11 a.m., Published: April 30, 2025, 11:30 a.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: apple model: macbook
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: iphone
db: NVD ids: CVE-2025-24206, CVE-2025-24252, CVE-2025-24132

Vulnerabilities in Apple's AirPlay protocol make billions of devices vulnerable - Techzine Global

Trust: 5.75

Fetched: May 2, 2025, 9:09 a.m., Published: May 2, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: safari
db: NVD ids: CVE-2025-24206, CVE-2025-24252, CVE-2025-24132

Urgent Apple AirPlay Security Alert Sounds For Billions Of Devices | HotHardware

Trust: 4.25

Fetched: May 2, 2025, 9:08 a.m., Published: May 1, 2025, 10:24 a.m.
 Vulnerabilities: code execution, use after free
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: ipad

Critical Industrial Device Vulnerability: Protecting OT Systems Against JTAG Exploits | Windows Forum

Trust: 4.25

Fetched: May 2, 2025, 9:07 a.m., Published: May 2, 2025, midnight
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: rockwell model: powermonitor 1000
vendor: rockwell automation model: powermonitor 1000
vendor: stmicroelectronics model: stm32l4
db: NVD ids: CVE-2020-27212

CVE-2025-32433: Maximum Severity Unauthenticated RCE Vulnerability in Erlang/OTP SSH - Arctic Wolf

Related entries in the VARIoT vulnerabilities database: VAR-202504-1178

Trust: 5.0

Fetched: April 30, 2025, 9:34 a.m., Published: April 21, 2025, 7:14 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: routers
db: NVD ids: CVE-2025-32433

CVE-2025-22900: Stack Overflow Vulnerability in Totolink N600R Leading to Potential System Compromise - Cybersecurity Exploit Tracker by Ameeba

Related entries in the VARIoT vulnerabilities database: VAR-202504-1797

Trust: 3.0

Fetched: April 30, 2025, 9:34 a.m., Published: April 22, 2025, 1:38 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-22900

17,000+ Fortinet Devices Compromised in Massive Hack via Symbolic Link Exploit

Trust: 3.5

Fetched: April 30, 2025, 9:27 a.m., Published: April 18, 2025, 3:47 a.m.
 Vulnerabilities: symbolic link attack
Affected productsExternal IDs
vendor: fortigate model: fortios
vendor: trend model: security

This newly discovered iOS flaw could completely brick your iPhone with a single line of code | Tom's Guide

Trust: 3.75

Fetched: April 30, 2025, 9:14 a.m., Published: April 28, 2025, 3:15 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: iphone

7 Proactive Steps to Better IoT Security - Blue Goat Cyber

Trust: 3.75

Fetched: April 30, 2025, 9:14 a.m., Published: Jan. 29, 2024, 11:31 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home