Sign-up

VARIoT news about IoT security

WhatsApp patches vulnerability exploited in zero-day attacks - PRSOL:CC

Trust: 3.75

Fetched: Aug. 31, 2025, 11:14 a.m., Published: Aug. 31, 2025, 5:22 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-55177, CVE-2025-43300

Citrix Netscaler 0-day RCE Vulnerability Patched - Vulnerable Instances Reduced from 28.2K to 12.4K

Trust: 5.75

Fetched: Aug. 31, 2025, 11:13 a.m., Published: Aug. 29, 2025, 3:47 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: internet security
vendor: citrix model: netscaler
db: NVD ids: CVE-2025-7775

RCE Vulnerability in Hikvision Device | Wattlecorp Cybersecurity Labs

Trust: 4.25

Fetched: Aug. 31, 2025, 11:12 a.m., Published: Aug. 29, 2025, 12:11 p.m.
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
vendor: dropbear model: dropbear ssh
vendor: hikvision model: hikvision
vendor: hikvision model: ds-2cd3xx5
vendor: hikvision model: ip cameras
db: NVD ids: CVE-2021-36260

WhatsApp fixes ‘zero-click’ vulnerability that let hackers install spyware on iPhones and Macs | Mint

Trust: 5.0

Fetched: Aug. 31, 2025, 11:12 a.m., Published: Aug. 31, 2025, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
db: NVD ids: CVE-2025-43300, CVE-2025-55177

CERT-EU - Multiple Vulnerabilities in Fortinet Products

Trust: 4.0

Fetched: Aug. 31, 2025, 11:12 a.m., Published: -
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-26009, CVE-2025-25256, CVE-2025-52970

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices

Trust: 4.75

Fetched: Aug. 31, 2025, 11:11 a.m., Published: Aug. 29, 2025, 7:14 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
vendor: google model: android
db: NVD ids: CVE-2025-55177, CVE-2025-43300

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Trust: 4.75

Fetched: Aug. 31, 2025, 10:59 a.m., Published: Aug. 29, 2025, 5:07 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-55177, CVE-2025-43300

WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices

Trust: 4.75

Fetched: Aug. 31, 2025, 10:58 a.m., Published: Aug. 30, 2025, 4:36 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
db: NVD ids: CVE-2025-55177, CVE-2025-43300

Citrix Bleed 3? Attackers are already exploiting new security vulnerabilities | heise online

Trust: 3.75

Fetched: Aug. 29, 2025, 10:06 a.m., Published: Aug. 27, 2025, 7:27 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler gateway
vendor: citrix model: netscaler
db: NVD ids: CVE-2025-8424, CVE-2025-7776, CVE-2025-7775, CVE-2025-5777

Update Canonical Ubuntu Desktop: USN-7694-1: libxml2 vulnerabilities

Trust: 6.0

Fetched: Aug. 29, 2025, 10:05 a.m., Published: Jan. 29, 7694, midnight
 Vulnerabilities: denial of service, integer overflow
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-49796, CVE-2025-6170, CVE-2025-49794, CVE-2025-6021

CVE-2025-48000: Critical Privilege Escalation Vulnerability in Windows Connected Devices Platform Service - Cybersecurity Exploit Tracker by Ameeba

Trust: 4.75

Fetched: Aug. 29, 2025, 10:05 a.m., Published: Aug. 17, 2025, 7:41 p.m.
 Vulnerabilities: privilege escalation, use after free
Affected productsExternal IDs
db: NVD ids: CVE-2025-48000

How Cybersecurity Tools Are Protecting Healthcare IoT Devices

Trust: 3.25

Fetched: Aug. 29, 2025, 10:04 a.m., Published: Aug. 8, 2025, 8:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: antivirus
vendor: samsung model: samsung
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy

Cisco NX-OS Software Sensitive Log Information Disclosure Vulnerability

Trust: 5.0

Fetched: Aug. 29, 2025, 10:02 a.m., Published: Aug. 27, 2025, 3:57 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus 7000
vendor: cisco model: nx-os software
vendor: cisco model: series switches
vendor: cisco model: nexus 3000
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: nexus 9000
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus

Wireless Attacks - GeeksforGeeks

Trust: 4.25

Fetched: Aug. 29, 2025, 10:02 a.m., Published: Jan. 16, 2019, 7:47 p.m.
 Vulnerabilities: replay attack, denial of service, service disruption...
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: aircrack-ng model: aircrack-ng

Cybersecurity in the IoT Era - Recru

Trust: 3.75

Fetched: Aug. 29, 2025, 10:01 a.m., Published: Aug. 26, 2025, 4:23 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

Security Bulletin: NVIDIA GPU Display Drivers - July 2025 | NVIDIA

Trust: 4.5

Fetched: Aug. 29, 2025, 10:01 a.m., Published: July 29, 2025, midnight
 Vulnerabilities: buffer overflow, denial of service, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-23278, CVE-2025-23290, CVE-2025-23281, CVE-2025-23288, CVE-2025-23277, CVE-2025-23279, CVE-2025-23276, CVE-2025-23283, CVE-2025-23284, CVE-2025-23286, CVE-2025-23287, CVE-2025-23285

Microsoft just fixed over 107 flaws including one serious zero-day - update your PC right now | Tom's Guide

Trust: 4.75

Fetched: Aug. 29, 2025, 10 a.m., Published: Aug. 13, 2025, 4:08 p.m.
 Vulnerabilities: denial of service, code execution, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-53779

The Doom of Device Drivers: Your Android Device (Most Likely) has N-Day Kernel Vulnerabilities - Graz University of Technology

Trust: 3.0

Fetched: Aug. 29, 2025, 9:58 a.m., Published: July 28, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Critical Zero-Day Vulnerability CVE-2025-43300 In Apple Devices: Emergency Security Updates Released

Related entries in the VARIoT vulnerabilities database: VAR-202501-3666

Trust: 5.5

Fetched: Aug. 29, 2025, 9:57 a.m., Published: Aug. 25, 2025, 7:36 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: macos
db: NVD ids: CVE-2025-24201, CVE-2025-31200, CVE-2025-43300, CVE-2025-31201, CVE-2025-24085, CVE-2025-24200

What Is Internet of Medical Things (IoMT) Security? Overview - Palo Alto Networks

Trust: 4.5

Fetched: Aug. 29, 2025, 9:55 a.m., Published: Aug. 5, 2025, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks