VARIoT latest news about IoT security

Security Vulnerability Testing Architecture in IoT Based on a Honeypot \| SpringerLink Trust: 3.0 Fetched: Sept. 26, 2025, 11:14 a.m., Published: Sept. 26, 2026, midnight	Vulnerabilities: denial of service

Affected products	External IDs

cisco-sa-ios-invalid-url-dos-Nvxszf6u - Cisco IOS Software Industrial Ethernet Switch Device Manager Denial of Service Vulnerability - SecAlerts Trust: 4.75 Fetched: Sept. 26, 2025, 11:12 a.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	cisco	model:	device manager
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios software
vendor:	cisco	model:	industrial ethernet

Cisco IOS XE Software Secure Boot Bypass Vulnerabilities Trust: 4.0 Fetched: Sept. 26, 2025, 11:10 a.m., Published: Sept. 24, 2025, 4:11 p.m.	Vulnerabilities: improper validation

Affected products

External IDs

vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe

Multiple Vulnerabilities in Cisco Products Could Allow for Remote Code Execution Trust: 3.0 Fetched: Sept. 26, 2025, 11:07 a.m., Published: Sept. 25, 2025, midnight	Vulnerabilities: code execution

Affected products	External IDs

www.cyber.gov.au Trust: 3.25 Fetched: Sept. 26, 2025, 11:01 a.m., Published: Sept. 26, 5500, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

cisco

model:

series

OnePlus exploit lets apps access your texts, but a fix is on the way Trust: 3.5 Fetched: Sept. 26, 2025, 11:01 a.m., Published: Sept. 25, 2025, 6:55 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	oneplus	model:	oxygenos
vendor:	oneplus	model:	oneplus

db:

NVD

ids:

CVE-2025-10184

CVE-2025-54807: Critical Authentication Bypass Vulnerability in Device Firmware - Cybersecurity Exploit Tracker by Ameeba Trust: 5.0 Fetched: Sept. 26, 2025, 11:01 a.m., Published: Nov. 30, 0001, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2025-54807

Cisco IOS RCE Vulnerability CVE-2025-20352 Exploited Trust: 5.75 Fetched: Sept. 26, 2025, 11 a.m., Published: Sept. 25, 2025, 9:53 a.m.	Vulnerabilities: code execution, denial of service

Affected products

External IDs

vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	series
vendor:	cisco	model:	series switches
vendor:	cisco	model:	cisco nx-os
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xr

db:

NVD

ids:

CVE-2025-20352

Approximately 2 Million Cisco Devices Vulnerable to Exploited Zero-Day Threat Trust: 4.75 Fetched: Sept. 26, 2025, 11 a.m., Published: Sept. 2, 2025, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe

db:

NVD

ids:

CVE-2025-20352

CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities - Security Boulevard Trust: 4.0 Fetched: Sept. 26, 2025, 11 a.m., Published: Sept. 25, 2025, 9:47 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance

db:

NVD

ids:

CVE-2025-20333, CVE-2025-20362

Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software Trust: 6.0 Fetched: Sept. 26, 2025, 10:59 a.m., Published: Sept. 25, 2025, 6:30 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	nx-os software
vendor:	cisco	model:	cisco ios xr
vendor:	cisco	model:	series
vendor:	cisco	model:	series switches
vendor:	cisco	model:	ios xr software
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	nx-os
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xr
vendor:	cisco	model:	ios software

db:

NVD

ids:

CVE-2025-20352

Cisco IOS 0-Day RCE Vulnerability Actively Exploited in the Wild Trust: 5.75 Fetched: Sept. 26, 2025, 10:59 a.m., Published: Sept. 24, 2025, 5:59 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	series
vendor:	cisco	model:	series switches
vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	catalyst
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2025-20352

Cisco admins urged to patch IOS, IOS XE devices \| Network World Trust: 5.0 Fetched: Sept. 26, 2025, 10:56 a.m., Published: Sept. 25, 2025, midnight	Vulnerabilities: code execution, denial of service, default credentials

Affected products

External IDs

vendor:

cisco

model:

ios xe

CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices \| CISA Trust: 4.25 Fetched: Sept. 26, 2025, 10:56 a.m., Published: Sept. 27, 2025, 4:59 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

cisco

model:

firepower

db:

NVD

ids:

CVE-2025-20333, CVE-2025-20362

NCSC warns of persistent malware campaign targeting Cisco... - NCSC.GOV.UK Trust: 3.0 Fetched: Sept. 26, 2025, 10:55 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	asa 5500
vendor:	cisco	model:	series

As many as 2 million Cisco devices affected by actively exploited 0-day - Ars Technica Trust: 5.75 Fetched: Sept. 26, 2025, 10:55 a.m., Published: Sept. 25, 2025, 12:43 p.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe

db:

NVD

ids:

CVE-2025-20352

Hackers Scanning Cisco ASA Devices to Exploit Vulnerabilities from 25,000 IPs - Cyber Security News Related entries in the VARIoT vulnerabilities database: VAR-202007-1057 Trust: 3.75 Fetched: Sept. 23, 2025, 9:59 a.m., Published: Sept. 5, 2025, 3:11 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	cisco	model:	asa software

db:

NVD

ids:

CVE-2020-3452

ESPHome Web Server Authentication Bypass Vulnerability Exposes Smart Devices - Cybernoz - Cybersecurity News Trust: 5.25 Fetched: Sept. 23, 2025, 9:59 a.m., Published: Sept. 2, 2025, 9:11 p.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2025-57808

Developer verification: a promised lift for Android security \| Malwarebytes Trust: 3.75 Fetched: Sept. 23, 2025, 9:56 a.m., Published: Aug. 27, 2025, 1:56 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	samsung
vendor:	samsung	model:	mobile
vendor:	samsung	model:	mobile devices
vendor:	google	model:	android
vendor:	google	model:	pixel
vendor:	motorola	model:	android
vendor:	motorola	model:	motorola
vendor:	oneplus	model:	oneplus
vendor:	huawei	model:	huawei

About the security content of iOS 18.7 and iPadOS 18.7 - Apple Support Trust: 5.25 Fetched: Sept. 23, 2025, 9:55 a.m., Published: Sept. 18, 2025, midnight	Vulnerabilities: process crash, bounds access issue

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad

db:

NVD

ids:

CVE-2025-43346, CVE-2025-43358, CVE-2025-43362, CVE-2025-43203, CVE-2025-43356, CVE-2025-43302, CVE-2025-43295, CVE-2025-43355, CVE-2025-43342, CVE-2025-43359, CVE-2025-43299, CVE-2025-43349

VARIoT news about IoT security