Sign-up

VARIoT news about IoT security

Bluetooth Zero-Day Turns Millions of Headphones Into Surveillance Devices

Trust: 4.0

Fetched: June 29, 2025, 9:29 a.m., Published: June 27, 2025, 10:50 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: xiaomi model: redmi
db: NVD ids: CVE-2025-20701, CVE-2025-20700, CVE-2025-20702

Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability - Cisco

Trust: 5.0

Fetched: June 29, 2025, 9:28 a.m., Published: June 18, 2025, 11:53 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: vpn client
vendor: cisco model: series
vendor: cisco model: meraki mx
vendor: cisco model: meraki mx firmware
vendor: cisco model: anyconnect vpn client

Multiple Brother Devices: Multiple Vulnerabilities (FIXED) - Rapid7 Blog

Trust: 4.5

Fetched: June 29, 2025, 9:27 a.m., Published: June 25, 2025, midnight
 Vulnerabilities: authentication bypass, buffer overflow, information leak...
Affected productsExternal IDs
db: NVD ids: CVE-2024-51980, CVE-2024-51981, CVE-2024-51979, CVE-2024-51977, CVE-2024-51983, CVE-2024-51982, CVE-2024-51984, CVE-2024-51978

Multiple Brother Devices: Multiple Vulnerabilities (FIXED) - Cyber Security Review

Trust: 4.5

Fetched: June 29, 2025, 9:26 a.m., Published: June 25, 2025, 7:10 a.m.
 Vulnerabilities: authentication bypass, code execution
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine
vendor: cisco model: netscaler gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler adc
vendor: citrix model: gateway
db: NVD ids: CVE-2025-20281, CVE-2025-4365, CVE-2024-6235, CVE-2025-6543, CVE-2024-51978, CVE-2025-5309

Some Brother printers have a remote code execution vulnerability, and they can’t fix it | CSO Online

Trust: 4.75

Fetched: June 29, 2025, 9:26 a.m., Published: June 27, 2025, midnight
 Vulnerabilities: request forgery, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-51980, CVE-2024-51981, CVE-2024-51984

Download photos or videos to your device - Computer - Google Photos Help

Trust: 3.0

Fetched: June 29, 2025, 9:15 a.m., Published: Dec. 29, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome

CVE-2025-49196 : Deprecated TLS Version Vulnerability in SICK Devices

Trust: 3.25

Fetched: June 27, 2025, 11:18 a.m., Published: June 12, 2025, 2:20 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-49196

Remote Work Cybersecurity Statistics 2025: VPN, Shadow IT, etc. - SQ Magazine

Trust: 3.75

Fetched: June 27, 2025, 11:13 a.m., Published: June 26, 2025, 6:04 a.m.
 Vulnerabilities: session hijacking
Affected productsExternal IDs
vendor: google model: home

Top 8 Endpoint Security Threats

Trust: 3.5

Fetched: June 27, 2025, 11:11 a.m., Published: June 5, 2025, 12:23 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: antivirus
vendor: trend model: security
vendor: trend model: data loss prevention

CVE-2025-5777: Critical Information Disclosure Vulnerability “Citrix Bleed 2” in Citrix NetScaler ADC and Gateway - Arctic Wolf

Trust: 5.5

Fetched: June 27, 2025, 11:10 a.m., Published: June 25, 2025, 9:27 p.m.
 Vulnerabilities: improper access control, information disclosure, denial of service
Affected productsExternal IDs
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
vendor: citrix model: gateway
db: NVD ids: CVE-2025-5777, CVE-2023-4966, CVE-2025-5349, CVE-2025-6543

CVE-2025-5777 | Arctic Wolf

Trust: 5.5

Fetched: June 27, 2025, 11:10 a.m., Published: June 25, 2025, 9:22 p.m.
 Vulnerabilities: improper access control, information disclosure, denial of service
Affected productsExternal IDs
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
vendor: citrix model: gateway
db: NVD ids: CVE-2025-5777, CVE-2023-4966, CVE-2025-5349, CVE-2025-6543

CISA Flags Actively Exploited Flaws in AMI, D-Link, and Fortinet Devices

Related entries in the VARIoT vulnerabilities database: VAR-202401-0919, VAR-201911-0300

Trust: 6.0

Fetched: June 27, 2025, 11:09 a.m., Published: -
 Vulnerabilities: path traversal, authentication bypass, privilege escalation
Affected productsExternal IDs
vendor: d-link model: dir-859
db: NVD ids: CVE-2024-54085, CVE-2024-0769, CVE-2019-6693

CVE-2022-50190 : Linux Kernel Device Management Vulnerability in SPI Controller

Trust: 3.25

Fetched: June 27, 2025, 11:09 a.m., Published: June 18, 2025, 11:03 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-50190

Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Denial of Service Vulnerabilities

Trust: 4.75

Fetched: June 27, 2025, 11:03 a.m., Published: June 2, 2025, 2:22 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: series
vendor: cisco model: meraki mx
db: NVD ids: CVE-2024-20501, CVE-2024-20499, CVE-2024-20513, CVE-2024-20500, CVE-2024-20502, CVE-2024-20498

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) | Ricoh Europe

Trust: 3.25

Fetched: June 27, 2025, 10:56 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-51979, CVE-2024-51981, CVE-2024-51977, CVE-2017-9765, CVE-2024-51984, CVE-2024-51982, CVE-2024-51980, CVE-2024-2169, CVE-2024-51983

New Linux PAM and Udisks Vulnerabilities (CVE-2025-6018 & CVE-2025-6019) Allow Full Root Access Across Major Distributions - Web Asha Technologies

Trust: 4.0

Fetched: June 27, 2025, 10:55 a.m., Published: June 27, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-6019, CVE-2025-6020, CVE-2025-6018

CVE-2025-49603 - Improper access control of device groups in Mender Server

Trust: 5.0

Fetched: June 27, 2025, 10:55 a.m., Published: March 7, 2011, midnight
 Vulnerabilities: improper access control
Affected productsExternal IDs
db: NVD ids: CVE-2025-49603

Multiple Vulnerabilities in Cisco ISE and ISE-PIC Could Allow for Remote Code Execution

Trust: 4.0

Fetched: June 27, 2025, 10:54 a.m., Published: June 25, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Cisco Identity Services Engine Authorization Bypass Vulnerability - Cisco

Trust: 3.0

Fetched: June 27, 2025, 10:54 a.m., Published: June 25, 2025, 11:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine

Threat Spotlight: CVE-2025-5777: Citrix Bleed 2 Opens Old Wounds - ReliaQuest

Trust: 4.75

Fetched: June 27, 2025, 10:53 a.m., Published: June 26, 2025, 8:27 p.m.
 Vulnerabilities: session hijacking
Affected productsExternal IDs
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
vendor: citrix model: gateway
db: NVD ids: CVE-2025-5777, CVE-2023-4966, CVE-2025-6543