Sign-up

VARIoT news about IoT security

Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Vulnerability

Trust: 3.0

Fetched: June 6, 2025, 9:08 a.m., Published: June 4, 2025, 3:54 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: nexus

Access Remote IoT Free On Android: Your SSH Guide

Trust: 3.5

Fetched: June 4, 2025, 9:31 a.m., Published: May 13, 2025, 8:17 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: home
vendor: raspberry pi model: 3
vendor: essential model: phone

End-to-End Encryption: Technological and Human Factor Perspectives | SpringerLink

Trust: 3.0

Fetched: June 4, 2025, 9:30 a.m., Published: June 4, 2025, midnight
 Vulnerabilities: -

Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats - CyberHoot

Trust: 5.5

Fetched: June 4, 2025, 9:29 a.m., Published: May 15, 2025, 3:24 p.m.
 Vulnerabilities: denial of service, control bypass, code execution
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: macos
vendor: apple model: tvos
db: NVD ids: CVE-2025-24252, CVE-2025-24132, CVE-2025-24206

CVE-2025-49163 : Bootloader Vulnerability in Arris VIP1113 Devices Using KreaTV SDK

Trust: 3.0

Fetched: June 4, 2025, 9:28 a.m., Published: June 3, 2025, 12:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-49163

CVE-2025-31217 : Input Validation Vulnerability in Safari Affecting Apple Devices

Trust: 6.25

Fetched: June 4, 2025, 9:23 a.m., Published: May 12, 2025, 9:42 p.m.
 Vulnerabilities: input validation vulnerability
Affected productsExternal IDs
vendor: apple model: safari
db: NVD ids: CVE-2025-31217

Update Canonical Ubuntu Server: USN-7504-1: LibreOffice vulnerability

Trust: 3.25

Fetched: June 4, 2025, 9:23 a.m., Published: Jan. 4, 7504, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Android Security Patch Level Warning from Qualcomm Chips - Inside Telecom

Trust: 4.75

Fetched: June 4, 2025, 9:22 a.m., Published: June 3, 2025, 6:45 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
vendor: essential model: phone
db: NVD ids: CVE-2025-21480, CVE-2025-27038, CVE-2025-21479

Cisco fixes max severity IOS XE flaw letting attackers hijack devices

Trust: 3.25

Fetched: June 4, 2025, 9:22 a.m., Published: June 10, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xe

Android Security Patch Level Warning from Qualcomm Chips - Inside Telecom

Trust: 4.75

Fetched: June 4, 2025, 9:21 a.m., Published: June 3, 2025, 6:45 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: android
vendor: essential model: phone
db: NVD ids: CVE-2025-21480, CVE-2025-27038, CVE-2025-21479

CVE-2025-24220 - Apple iPadOS and iOS Persistent Device Identifier Read Permissions Vulnerability

Trust: 3.75

Fetched: June 4, 2025, 9:21 a.m., Published: May 12, 2025, 10:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone_os
db: NVD ids: CVE-2025-24220

Critical Cisco IOS XE Vulnerability Exposes Devices to Remote Attacks - This Week Health

Trust: 3.0

Fetched: June 4, 2025, 9:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe

Update Microsoft SharePoint Server 2019: KB5002708: Resolves a Microsoft SharePoint Server remote code execution vulnerability

Trust: 3.25

Fetched: June 4, 2025, 9:19 a.m., Published: June 4, 2019, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-30384, CVE-2025-30382, CVE-2025-30378, CVE-2025-29976

U.S. CISA adds ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog

Related entries in the VARIoT vulnerabilities database: VAR-202309-0729, VAR-202105-1346

Trust: 5.75

Fetched: June 4, 2025, 9:19 a.m., Published: June 3, 2025, 7:34 p.m.
 Vulnerabilities: code injection, os command injection, command injection...
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: asus
db: NVD ids: CVE-2023-39780, CVE-2025-3935, CVE-2024-56145, CVE-2025-35939, CVE-2021-32030

Increased Exploitation Risk for Critical Cisco Vulnerability: What You Need to Know - UNDERCODE NEWS

Trust: 4.5

Fetched: June 4, 2025, 9:18 a.m., Published: June 4, 2025, 1:43 a.m.
 Vulnerabilities: file upload vulnerability, path traversal
Affected productsExternal IDs
vendor: cisco model: wireless controller
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe software
vendor: cisco systems model: wireless controller
vendor: cisco systems model: cisco ios xe
vendor: cisco systems model: ios xe
vendor: cisco systems model: cisco ios
vendor: cisco systems model: ios xe software
db: NVD ids: CVE-2025-20188

Android Security Update - Patch for Vulnerabilities that Allows Privilege Escalation

Trust: 4.5

Fetched: June 4, 2025, 9:16 a.m., Published: June 3, 2025, 3:42 p.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-53026, CVE-2025-0835, CVE-2025-0073, CVE-2024-53010, CVE-2025-0819, CVE-2024-53021, CVE-2024-53020, CVE-2024-53019, CVE-2025-27029, CVE-2024-47893, CVE-2024-12837, CVE-2024-12576, CVE-2025-21486, CVE-2025-21485, CVE-2025-0478, CVE-2025-25178, CVE-2025-21424, CVE-2025-0468

Update Microsoft SharePoint Server 2016: KB5002722: resolves a Microsoft SharePoint Server remote code execution vulnerability

Trust: 4.25

Fetched: June 4, 2025, 9:15 a.m., Published: June 4, 2016, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-30384, CVE-2025-30382, CVE-2025-30378, CVE-2025-29976

ASUS router backdoors affect 9K devices, persist after firmware updates | SC Media

Related entries in the VARIoT vulnerabilities database: VAR-202105-1346, VAR-202309-0729

Trust: 4.75

Fetched: June 4, 2025, 9:15 a.m., Published: Oct. 15, 2024, 6 p.m.
 Vulnerabilities: authentication bypass, command injection
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: router
vendor: asus model: rt-ac3200
vendor: asus model: rt-ac3100
vendor: asus model: rt-ac3100 firmware
vendor: asus model: asus
vendor: asus model: gt-ac2900
db: NVD ids: CVE-2021-32030, CVE-2023-39780

Cisco Clears VPN Vulnerabilities - ISSSource

Trust: 4.5

Fetched: June 4, 2025, 9:14 a.m., Published: June 3, 2025, 7:14 p.m.
 Vulnerabilities: resource management vulnerability
Affected productsExternal IDs
vendor: cisco model: meraki mx
vendor: cisco model: series
vendor: cisco model: meraki mx firmware
db: NVD ids: CVE-2024-20502, CVE-2024-20501, CVE-2024-20500, CVE-2024-20513, CVE-2024-20498, CVE-2024-20499

ABB M2M Gateway Improper Privilege Management in embedded De... - vulnerability database | Vulners.com

Trust: 4.25

Fetched: June 4, 2025, 9:13 a.m., Published: May 27, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-41973, CVE-2022-41974