Sign-up

VARIoT news about IoT security

FUJIFILM Printer Flaw Allows Attackers to Trigger DoS Attacks

Trust: 4.0

Fetched: Aug. 10, 2025, 9:31 a.m., Published: Aug. 4, 2025, 12:38 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-48499

Trellix Insights: DVR Device Vulnerabilities Targeted by FreakOut Botnet

Trust: 3.25

Fetched: Aug. 10, 2025, 9:30 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

CERT-EU - Critical Vulnerabilities in Microsoft SharePoint

Trust: 5.0

Fetched: Aug. 10, 2025, 9:29 a.m., Published: -
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2025-53770, CVE-2025-49706, CVE-2025-53771

Critical Vulnerability in Linux Kernel: USB Device Disconnect Warning

Trust: 3.0

Fetched: Aug. 10, 2025, 9:28 a.m., Published: Aug. 12, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-38385

Securing NHS Data: Best Practices - MedTechNews

Trust: 3.75

Fetched: Aug. 10, 2025, 9:26 a.m., Published: Aug. 2, 2025, 7:21 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

VU#554637 - TP-Link Archer C50 router is vulnerable to configuration-file decryption

Trust: 5.0

Fetched: Aug. 10, 2025, 9:25 a.m., Published: Aug. 4, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tp-link model: archer c50
db: NVD ids: CVE-2025-6982

A Full-Chain Exploit of an Unfused Qualcomm Device

Trust: 4.25

Fetched: Aug. 10, 2025, 9:23 a.m., Published: Aug. 6, 2025, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: xiaomi model: redmi
vendor: huawei model: huawei
vendor: essential model: phone

Microsoft calls out Apple Intelligence AI security flaw which could have let hackers steal private data | TechRadar

Trust: 3.75

Fetched: Aug. 10, 2025, 9:23 a.m., Published: July 29, 2025, 1:48 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: macos
db: NVD ids: CVE-2025-31199

Akira Ransomware Exploits SonicWall SMA100 Vulnerabilities: What You Need to Know | Bitsight

Related entries in the VARIoT vulnerabilities database: VAR-202507-3132, VAR-202507-3117, VAR-202507-3108

Trust: 5.5

Fetched: Aug. 10, 2025, 9:23 a.m., Published: Aug. 10, 2025, midnight
 Vulnerabilities: buffer overflow, privilege escalation, denial of service...
Affected productsExternal IDs
vendor: sonicwall model: sma100
vendor: sonicwall model: ssl vpn
db: NVD ids: CVE-2025-40597, CVE-2025-40598, CVE-2025-40599, CVE-2025-40596

Critical Android vulnerabilities patched-update as soon as you can | Malwarebytes

Trust: 5.75

Fetched: Aug. 10, 2025, 9:22 a.m., Published: Aug. 5, 2025, 2:21 p.m.
 Vulnerabilities: code execution, command execution, memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2025-48530, CVE-2025-21479

SonicWall SSLVPN Vulnerability on Gen 7 Devices

Trust: 3.5

Fetched: Aug. 10, 2025, 9:22 a.m., Published: Aug. 7, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: sonicwall model: remote access
vendor: sonicwall model: sonicos
vendor: sonicwall model: ssl vpn
db: NVD ids: CVE-2024-40766

Yealink IP Phones Vulnerabilities: Urgent Security Fixes for Business Communication Devices | Windows Forum

Trust: 4.5

Fetched: Aug. 10, 2025, 9:21 a.m., Published: Aug. 7, 2025, 4:10 p.m.
 Vulnerabilities: information disclosure, certificate validation issue, session hijacking
Affected productsExternal IDs
vendor: yealink model: hardware
db: NVD ids: CVE-2025-52917, CVE-2025-52919, CVE-2025-52916, CVE-2025-52918

Critical Firmware Loading Vulnerability in Linux Kernel - CVE-2025-38420

Trust: 3.25

Fetched: Aug. 10, 2025, 9:21 a.m., Published: Aug. 11, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-38420

Multiple flaws found in TETRA radio systems, exposing law enforcement, military, critical infrastructure communications - Industrial Cyber

Trust: 4.75

Fetched: Aug. 10, 2025, 9:20 a.m., Published: Aug. 8, 2025, 9:51 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: motorola model: motorola
db: NVD ids: CVE-2025-52942, CVE-2025-52944, CVE-2022-24401, CVE-2025-52941, CVE-2025-8458, CVE-2025-52945, CVE-2025-52943, CVE-2025-52940

Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks

Trust: 5.25

Fetched: Aug. 10, 2025, 9:19 a.m., Published: Aug. 6, 2025, 3:45 a.m.
 Vulnerabilities: code execution, buffer overflow, information leakage
Affected productsExternal IDs
vendor: dell model: latitude
vendor: cisco model: series
db: NVD ids: CVE-2025-25215, CVE-2025-24919, CVE-2025-24922, CVE-2025-24311, CVE-2025-25050

CISA Alerts on Ongoing Exploits Targeting D-Link Device Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202211-1888, VAR-202009-0782, VAR-202009-0783

Trust: 4.75

Fetched: Aug. 10, 2025, 9:15 a.m., Published: Aug. 6, 2025, 6 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: d-link model: dcs-2670l
vendor: d-link model: dnr-322l
vendor: d-link model: dcs-2530l
vendor: trend model: security
db: NVD ids: CVE-2022-40799, CVE-2020-25078, CVE-2020-25079

Attacker could defeat Dell firmware flaws with a vegetable | Computer Weekly

Trust: 4.5

Fetched: Aug. 10, 2025, 9:14 a.m., Published: Aug. 5, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: latitude
vendor: cisco model: device manager
vendor: cisco model: series
db: NVD ids: CVE-2025-25215, CVE-2025-24919, CVE-2025-24922, CVE-2025-24311, CVE-2025-25050

Millions of Dell laptops at risk due to Broadcom chip security flaw - here's how you can stay safe | TechRadar

Trust: 3.75

Fetched: Aug. 10, 2025, 9:13 a.m., Published: Aug. 6, 2025, 11:31 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Millions of Dell PCs with Broadcom chips open to attack • The Register

Trust: 4.5

Fetched: Aug. 10, 2025, 9:12 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: dell model: latitude
vendor: cisco model: series
db: NVD ids: CVE-2025-25215, CVE-2025-24919, CVE-2025-24922, CVE-2025-24311, CVE-2025-25050

Download photos or videos to your device - Computer - Google Photos Help

Trust: 3.0

Fetched: Aug. 8, 2025, 6:04 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome