Sign-up

VARIoT news about IoT security

Threats to Information Security | GeeksforGeeks

Trust: 3.0

Fetched: April 15, 2025, 9:31 a.m., Published: June 19, 2018, 11:45 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

3 Zero-Day Vulnerabilities backported & fixed in Apple Devices - Intrucept

Related entries in the VARIoT vulnerabilities database: VAR-202501-3666

Trust: 5.75

Fetched: April 15, 2025, 9:27 a.m., Published: April 2, 2025, 12:42 p.m.
 Vulnerabilities: code execution, security bypass, authorization vulnerability...
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: tvos
vendor: apple model: ipad
vendor: apple model: watch
vendor: apple model: safari
vendor: apple model: webkit
vendor: apple model: apple tv
vendor: apple model: macos
vendor: apple model: watchos
db: NVD ids: CVE-2025-24085, CVE-2025-24200, CVE-2025-24201

Protecting Your Network: How To Secure Perimeter Devices From Ransomware

Trust: 4.75

Fetched: April 15, 2025, 9:26 a.m., Published: April 12, 2025, 2:30 a.m.
 Vulnerabilities: code execution, default credentials
Affected productsExternal IDs
vendor: sonicwall model: remote access
db: NVD ids: CVE-2024-21887

Security Vulnerability Detection and Defense of Smart Home Systems Based on the Internet of Things | SpringerLink

Trust: 4.0

Fetched: April 15, 2025, 9:23 a.m., Published: April 15, 2025, midnight
 Vulnerabilities: -

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) - Help Net Security

Trust: 3.25

Fetched: April 15, 2025, 9:22 a.m., Published: April 10, 2025, 10:09 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-48887

Galaxy S24 Vulnerability Poses Risk of Unauthorized File Access

Trust: 4.75

Fetched: April 15, 2025, 9:20 a.m., Published: April 15, 2025, 5:31 a.m.
 Vulnerabilities: directory traversal
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
db: NVD ids: CVE-2024-49421

Siemens SENTRON 7KT PAC1260 Vulnerabilities: Steps for Mitigation and Security | Windows Forum

Related entries in the VARIoT vulnerabilities database: VAR-202504-0724, VAR-202504-0721, VAR-202504-0722, VAR-202504-0725, VAR-202504-0719, VAR-202504-0723, VAR-202504-0717, VAR-202504-0720, VAR-202504-0718

Trust: 3.5

Fetched: April 15, 2025, 9:15 a.m., Published: April 7, 2025, midnight
 Vulnerabilities: cross-site request forgery, code execution, request forgery...
Affected productsExternal IDs
db: NVD ids: CVE-2024-41788, CVE-2024-41793, CVE-2024-41792, CVE-2024-41795, CVE-2024-41796, CVE-2024-41794, CVE-2024-41790, CVE-2024-41791, CVE-2024-41789

April 2025 Android Update: Actively Exploited Kernel Bugs and Remote Privilege Escalation Threat - SOCRadar® Cyber Intelligence Inc.

Trust: 5.5

Fetched: April 15, 2025, 9:14 a.m., Published: April 8, 2025, 11:45 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2025-26416, CVE-2024-53104, CVE-2024-53197, CVE-2024-53150, CVE-2024-50302

Critical FortiSwitch Vulnerability Let Attackers Remotely Change Admin Passwords | Black Hat Ethical Hacking

Trust: 3.25

Fetched: April 15, 2025, 9:14 a.m., Published: April 10, 2025, 8:54 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-48887

Is Ivanti the problem or a symptom of a systemic issue with network devices? | CyberScoop

Trust: 3.5

Fetched: April 15, 2025, 9:12 a.m., Published: April 14, 2025, 10 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: nexus
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: cisco model: nexus
vendor: cisco model: router
vendor: cisco model: routers
vendor: citrix model: gateway
db: NVD ids: CVE-2025-22457

TP-Link Smart Hub Flaw Exposes Users’ Wi-Fi Credentials

Trust: 4.75

Fetched: April 15, 2025, 9:11 a.m., Published: April 10, 2025, 11:13 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
db: NVD ids: CVE-2025-0072

Hackers Exploit Router Flaws in Ongoing Attacks on Enterprise Networks

Trust: 3.0

Fetched: April 15, 2025, 9:11 a.m., Published: April 11, 2025, 6:17 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

What you need to do about the WPA2 Wi-Fi network vulnerability

Trust: 3.0

Fetched: April 15, 2025, 9:10 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs

CVE-2025-0120 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

Trust: 4.75

Fetched: April 15, 2025, 9:08 a.m., Published: April 9, 2025, 4 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: palo alto networks globalprotect
vendor: palo alto networks model: networks globalprotect
vendor: palo model: networks
vendor: palo model: palo alto networks globalprotect
vendor: palo model: networks globalprotect
vendor: paloaltonetworks model: networks
vendor: paloaltonetworks model: palo alto networks globalprotect
vendor: paloaltonetworks model: networks globalprotect
db: NVD ids: CVE-2025-0120

04/09/25: 0-Day and Other Vulnerabilities in Android Devices | UCSF IT

Trust: 3.25

Fetched: April 15, 2025, 9:07 a.m., Published: April 15, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Fortinet warns of threat activity against older vulnerabilities | Cybersecurity Dive

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.0

Fetched: April 13, 2025, 9:09 a.m., Published: April 11, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2023-27997, CVE-2022-42475, CVE-2024-21762

Windows 10 KB5055518 April 2025 Patch And 1 Zero Day Vulnerability And 134 Flaws HTMD Blog

Trust: 5.0

Fetched: April 13, 2025, 9:08 a.m., Published: April 8, 2025, 6:19 p.m.
 Vulnerabilities: policy violation
Affected productsExternal IDs
db: NVD ids: CVE-2025-29824

Siemens Industrial Edge Devices | CISA

Trust: 3.5

Fetched: April 13, 2025, 9:05 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: simatic ipc127e
vendor: siemens model: simatic ipc427e
vendor: siemens model: simatic ipc227e
vendor: siemens model: scalance
vendor: siemens model: simatic
vendor: siemens model: siemens simatic ipc427e
vendor: siemens model: simatic ipc847e
vendor: siemens model: siemens simatic ipc127e
vendor: siemens model: siemens simatic ipc847e
vendor: siemens model: siemens simatic ipc227e
db: NVD ids: CVE-2024-54092

CISA Warns of Actively Exploited Linux Kernel Vulnerabilities (CVE-2024-53197, CVE-2024-53150)

Trust: 5.5

Fetched: April 11, 2025, 9:12 a.m., Published: April 10, 2025, 2:16 a.m.
 Vulnerabilities: bounds access bug, privilege escalation, information disclosure
Affected productsExternal IDs
vendor: google model: android
vendor: alsa model: alsa
db: NVD ids: CVE-2024-53104, CVE-2024-53197, CVE-2024-53150, CVE-2024-50302

Hardware vulnerabilities in Hitachi Energy, ABB, B&R ICS devices pose critical infrastructure threat - Industrial Cyber

Trust: 4.25

Fetched: April 11, 2025, 9:11 a.m., Published: April 7, 2025, 8:44 a.m.
 Vulnerabilities: code injection, cross-site scripting, request forgery...
Affected productsExternal IDs
vendor: hitachi model: web server
vendor: codesys model: runtime
vendor: codesys model: web server
vendor: codesys model: codesys
vendor: codesys model: control
db: NVD ids: CVE-2024-10037, CVE-2024-12169, CVE-2024-45480, CVE-2024-45484, CVE-2025-1445, CVE-2024-8315, CVE-2024-8314, CVE-2024-10207, CVE-2024-10206, CVE-2024-10210, CVE-2024-45481, CVE-2024-45483, CVE-2024-45482, CVE-2024-10209, CVE-2024-8313, CVE-2024-11499, CVE-2024-10208