Sign-up

VARIoT news about IoT security

WhatsApp Zero-Click Vulnerability - Review | Security Curated

Trust: 4.75

Fetched: Sept. 9, 2025, 9:11 a.m., Published: Sept. 2, 2025, 3:10 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2025-55177, CVE-2025-43300

Apple Confirms Critical 0-Day Under Active Attack - Immediate Update Urged

Trust: 4.75

Fetched: Sept. 9, 2025, 9:11 a.m., Published: Aug. 21, 2025, 6:06 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: software update
db: NVD ids: CVE-2025-43300

Honeywell OneWireless Wireless Device Manager (WDM) | CISA

Trust: 3.75

Fetched: Sept. 9, 2025, 9:10 a.m., Published: Sept. 1, 2025, midnight
 Vulnerabilities: buffer overread, denial of service, information exposure...
Affected productsExternal IDs
db: NVD ids: CVE-2025-2522, CVE-2025-2521, CVE-2025-3946, CVE-2025-2523

Android's September Security Nightmare: Critical Vulnerabilities Leave Millions Exposed | Technobezz

Trust: 5.75

Fetched: Sept. 9, 2025, 9:10 a.m., Published: Sept. 6, 2025, 7:36 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: google model: wifi
db: NVD ids: CVE-2025-38352, CVE-2025-48539

Apple rushes out fix for active zero-day in iOS and macOS • The Register

Trust: 4.75

Fetched: Sept. 9, 2025, 9:08 a.m., Published: -
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: macos
db: NVD ids: CVE-2025-43300

CISA Warns of Critical SunPower Device Vulnerability Let Attackers Gain Full Device Access

Trust: 3.0

Fetched: Sept. 9, 2025, 9:08 a.m., Published: Sept. 3, 2025, 7:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-9696

Security Vulnerability Exposes Medtronic MyCareLink Patient Monitors to Attacks

Trust: 4.75

Fetched: Sept. 9, 2025, 9:07 a.m., Published: Sept. 2, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: medtronic model: mycarelink patient monitor
db: NVD ids: CVE-2025-4395

Reset your Android device to factory settings - Android Help

Trust: 3.0

Fetched: Sept. 9, 2025, 9:06 a.m., Published: Sept. 9, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

CISA Warns of WhatsApp 0-Day Vulnerability Exploited in Attacks

Trust: 3.0

Fetched: Sept. 5, 2025, 10 a.m., Published: Sept. 4, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-55177

Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center: Software Vulnerability Information: Software: Hitachi

Trust: 3.75

Fetched: Sept. 5, 2025, 10 a.m., Published: Oct. 9, 2002, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hitachi model: hitachi compute systems manager
vendor: hitachi model: tuning manager
vendor: hitachi model: hitachi global link manager
vendor: hitachi model: ops center analyzer viewpoint
vendor: hitachi model: hitachi tuning manager
vendor: hitachi model: hitachi ops center common services
vendor: hitachi model: ops center common services
vendor: hitachi model: hitachi ops center analyzer viewpoint
vendor: hitachi model: device manager
vendor: hitachi model: compute systems manager
vendor: hitachi model: hitachi replication manager
vendor: hitachi model: hitachi tiered storage manager
vendor: hitachi model: global link manager
vendor: hitachi model: tiered storage manager
vendor: hitachi model: hitachi device manager
vendor: hitachi model: replication manager
vendor: hitachi model: hitachi infrastructure analytics advisor
db: NVD ids: CVE-2025-30749, CVE-2025-50106, CVE-2025-30754, CVE-2025-50059, CVE-2025-30761

Endpoint Protection Services: Types & Key Features

Trust: 3.5

Fetched: Sept. 5, 2025, 9:57 a.m., Published: Sept. 2, 2025, 6:44 a.m.
 Vulnerabilities: cross-site scripting, denial of service, sql injection
Affected productsExternal IDs

MediaTek Security Update - Patch for Multiple Vulnerabilities Across

Trust: 3.5

Fetched: Sept. 5, 2025, 9:56 a.m., Published: Sept. 3, 2025, midnight
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: snort model: snort

Hackers Scan Cisco ASA Devices for Known Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202007-1057, VAR-202005-0696

Trust: 4.5

Fetched: Sept. 5, 2025, 9:56 a.m., Published: Sept. 5, 2025, 8:47 a.m.
 Vulnerabilities: default credentials, session hijacking, information disclosure
Affected productsExternal IDs
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: asa software
vendor: cisco model: adaptive security appliance
vendor: google model: chrome
db: NVD ids: CVE-2020-3452, CVE-2020-3259

CISA Alerts - Critical SunPower Vulnerability Could Grant Attackers Full Device Control

Trust: 3.0

Fetched: Sept. 5, 2025, 9:55 a.m., Published: Sept. 3, 2025, 11:09 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-9696

CVE-2025-38683 - hv_netvsc: Fix panic during namespace deletion with VF - SecAlerts

Trust: 3.0

Fetched: Sept. 5, 2025, 9:55 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-38683

CVE-2025-36900 : Out-of-Bounds Write Vulnerability in Android Pixel Devices

Trust: 3.0

Fetched: Sept. 5, 2025, 9:54 a.m., Published: Sept. 4, 2025, 4:56 a.m.
 Vulnerabilities: integer overflow, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-36900

CVE-2025-9483: Critical Buffer Overflow Vulnerability in Linksys Devices - Cybersecurity Exploit Tracker by Ameeba

Related entries in the VARIoT vulnerabilities database: VAR-202508-2330

Trust: 5.5

Fetched: Sept. 5, 2025, 9:54 a.m., Published: Sept. 3, 2025, 4:34 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: linksys model: re6500
vendor: linksys model: re6300
db: NVD ids: CVE-2025-9483

Critical Qualcomm Vulnerabilities Allow Attackers to Execute Arbitrary Code

Trust: 5.75

Fetched: Sept. 5, 2025, 9:53 a.m., Published: Sept. 3, 2025, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: snort model: snort
db: NVD ids: CVE-2025-27034, CVE-2025-21483

CVE-2025-36901 : Android Security Vulnerability in Pixel Devices by Google

Trust: 4.0

Fetched: Sept. 5, 2025, 9:52 a.m., Published: Sept. 4, 2025, 4:56 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2025-36901

CVE-2025-36892 : Denial of Service Vulnerability in Android Pixel Devices

Trust: 3.25

Fetched: Sept. 5, 2025, 9:52 a.m., Published: Sept. 4, 2025, 4:50 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2025-36892