Sign-up

VARIoT news about IoT security

Update Microsoft SharePoint Server 2016: KB5002731: Resolves a Microsoft Word remote code execution vulnerability.

Trust: 3.25

Fetched: June 13, 2025, 9:15 a.m., Published: June 13, 2016, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-47168, CVE-2025-47169

CVE-2025-23099: Critical Vulnerability in Samsung Mobile Processor Exynos 1480 and 2400 - Cybersecurity Exploit Tracker by Ameeba

Trust: 4.75

Fetched: June 13, 2025, 9:15 a.m., Published: June 9, 2025, 5:01 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: exynos
vendor: samsung model: samsung mobile
db: NVD ids: CVE-2025-23099

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

Trust: 4.25

Fetched: June 13, 2025, 9:15 a.m., Published: June 13, 2025, 2:25 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-6031

Zero-Click Spyware Attacks Compromised iOS Devices Through iMessage Vulnerability - Cyber Kendra

Trust: 3.75

Fetched: June 13, 2025, 9:06 a.m., Published: March 18, 2001, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2025-43200

checkm8 Exploit Explained: How Appleā€™s Worst Vulnerability Works at the Lowest Level - iDevice Central

Trust: 4.25

Fetched: June 13, 2025, 9:05 a.m., Published: June 11, 2025, 10:55 p.m.
 Vulnerabilities: code execution, memory corruption, memory leak
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: icloud
vendor: apple model: ipod touch
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: tvos
db: NVD ids: CVE-2019-8900

Hydrophobia and other UEFI Secure Boot Bypass Vulnerabilities - Eclypsium | Supply Chain Security for the Modern Enterprise

Trust: 3.5

Fetched: June 13, 2025, 9:04 a.m., Published: June 12, 2025, 4 p.m.
 Vulnerabilities: code execution, memory corruption, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-427, CVE-2025-3052, CVE-2025-4275, CVE-2025-47827

CVE-2025-4975 Tapo privilege escalation on shared devices us... - vulnerability database | Vulners.com

Trust: 3.25

Fetched: June 11, 2025, 9:32 a.m., Published: May 22, 2025, 9:17 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-4975

Cyware Daily Threat Intelligence, June 10, 2025 - Jun 10, 2025 | Cyware

Related entries in the VARIoT vulnerabilities database: VAR-202504-1178

Trust: 4.75

Fetched: June 11, 2025, 9:32 a.m., Published: June 10, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-32433, CVE-2025-24016, CVE-2024-42009, CVE-2025-3835

Multiple Cisco Products Vulnerabilities - Rewterz

Trust: 3.75

Fetched: June 11, 2025, 9:26 a.m., Published: June 4, 2025, 12:38 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: unified computing system
vendor: cisco model: data center network manager
vendor: cisco model: cisco unified computing system
vendor: cisco model: cisco integrated management controller
vendor: cisco model: nexus
vendor: cisco model: integrated management controller
vendor: cisco model: cisco data center network manager
vendor: cisco model: series
db: NVD ids: CVE-2025-20261, CVE-2025-20163

Cyware Daily Threat Intelligence, June 06, 2025 - Jun 6, 2025 | Cyware

Trust: 3.5

Fetched: June 11, 2025, 9:26 a.m., Published: June 6, 2025, midnight
 Vulnerabilities: code execution, directory traversal
Affected productsExternal IDs
db: NVD ids: CVE-2025-37098, CVE-2025-37097, CVE-2025-37099, CVE-2024-42009, CVE-2025-49113

Critical Security Flaw in Windows Storage Management Provider (CVE-2025-33061) - How to Protect Your System | Windows Forum

Trust: 4.75

Fetched: June 11, 2025, 9:25 a.m., Published: May 11, 2025, midnight
 Vulnerabilities: privilege escalation, information disclosure, improper bounds checking...
Affected productsExternal IDs
db: NVD ids: CVE-2025-33061

New Variant of Mirai Malware Targets TBK DVR Devices via Command Injection Flaw - Thailand Computer Emergency Response Team (ThaiCERT)

Trust: 4.0

Fetched: June 11, 2025, 9:25 a.m., Published: June 10, 2025, 8 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-3721

Mitigating CVE-2025-32722: Security Guide for Windows Storage Port Driver Vulnerability | Windows Forum

Trust: 4.0

Fetched: June 11, 2025, 9:24 a.m., Published: May 11, 2025, midnight
 Vulnerabilities: improper access control, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-32722

SSA-513708

Trust: 5.75

Fetched: June 11, 2025, 9:22 a.m., Published: June 1, 2025, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo model: pan-os
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
db: NVD ids: CVE-2025-0133

IoT Impact on Network Security Risks and Effective Solutions | MoldStud

Trust: 4.75

Fetched: June 11, 2025, 9:20 a.m., Published: June 11, 2025, 1:54 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: cisco model: routers

35,000 Solar Power Systems Exposed To Internet Are Vulnerable To Cyberattacks

Trust: 3.75

Fetched: June 11, 2025, 9:19 a.m., Published: June 5, 2025, 5:54 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2022-40881, CVE-2022-29303, CVE-2023-29919, CVE-2023-23333

Windows 10 KB5060533 June 2025 Patch And 2 Zero Day Vulnerabilities And 66 Flaws HTMD Blog

Trust: 4.75

Fetched: June 11, 2025, 9:06 a.m., Published: June 10, 2025, 6:09 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-33073, CVE-2025-33053

Windows 11 KB5060842 KB5060999 June 2025 Patch And 2 Zero Day Vulnerabilities And 66 Flaws HTMD Blog

Trust: 4.5

Fetched: June 11, 2025, 9:05 a.m., Published: June 10, 2025, 5:57 p.m.
 Vulnerabilities: feature bypass, code execution, denial of service...
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2025-33073, CVE-2025-33053

Evaluating Moving Target Defense Methods Using Time to Compromise and Security Risk Metrics in IoT Networks

Trust: 3.25

Fetched: June 10, 2025, 9:42 a.m., Published: Jan. 10, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: android

Top 25 Linux Security Tools to Boost Cyber Defense

Trust: 3.25

Fetched: June 10, 2025, 9:35 a.m., Published: May 23, 2023, 12:30 p.m.
 Vulnerabilities: sql injection, cross-site scripting, file inclusion
Affected productsExternal IDs
vendor: clamav model: clamav
vendor: snort.org model: snort
vendor: snort model: snort
vendor: wireshark model: wireshark