VARIoT latest news about IoT security

TALOS-2024-2071 \|\| Cisco Talos Intelligence Group - Comprehensive Threat Intelligence Trust: 3.5 Fetched: Aug. 26, 2025, 10:41 a.m., Published: Aug. 19, 2025, midnight	Vulnerabilities: buffer overflow, code execution

Affected products	External IDs

Kernel Panic Vulnerability in Linux Package: Uninitialized Device Structs in IIO Drivers Trust: 5.25 Fetched: Aug. 26, 2025, 10:38 a.m., Published: Aug. 11, 2025, midnight	Vulnerabilities: kernel panic

Affected products

External IDs

db:

NVD

ids:

CVE-2025-38531

BadCam: Turning Linux Webcams Into BadUSB Attack Tools - Eclypsium \| Supply Chain Security for the Modern Enterprise Trust: 6.25 Fetched: Aug. 26, 2025, 10:37 a.m., Published: Aug. 9, 2025, 6:59 p.m.	Vulnerabilities: code execution, signature validation flaw

Affected products

External IDs

vendor:	lenovo	model:	edge
vendor:	lenovo	model:	system
vendor:	lenovo	model:	updates

db:

NVD

ids:

CVE-2025-4371

CVE-2025-20265 - "Cisco Secure Firewall Management Center RADIUS Command Injection Vulnerability" Trust: 4.25 Fetched: Aug. 26, 2025, 10:37 a.m., Published: Aug. 14, 2025, 5:15 p.m.	Vulnerabilities: command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2025-20265

CVE-2025-20265 \| Tenable® Trust: 3.5 Fetched: Aug. 26, 2025, 10:24 a.m., Published: Aug. 15, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-20265

Apple iOS update fixes new iPhone zero-day flaw \| Computer Weekly Trust: 4.75 Fetched: Aug. 26, 2025, 10:24 a.m., Published: Aug. 21, 2025, midnight	Vulnerabilities: memory corruption

Affected products

External IDs

vendor:	apple	model:	software update
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2025-43300

Latest Cybersecurity Vulnerabilities \| Real-Time CVE Database Related entries in the VARIoT vulnerabilities database: VAR-202508-2757 Trust: 5.25 Fetched: Aug. 26, 2025, 10:23 a.m., Published: -	Vulnerabilities: buffer overflow, resource exhaustion, code execution...

Affected products

External IDs

vendor:	tenda	model:	router
vendor:	d-link	model:	router
vendor:	d-link	model:	dcs-825l firmware
vendor:	d-link	model:	dcs-825l

db:

NVD

ids:

CVE-2025-55613, CVE-2025-55627, CVE-2024-53499, CVE-2025-55581, CVE-2025-57800, CVE-2025-52287, CVE-2025-57105, CVE-2025-55634, CVE-2025-43760, CVE-2025-57771, CVE-2025-52085, CVE-2025-57770, CVE-2024-52786, CVE-2025-55631, CVE-2025-55629, CVE-2025-55745, CVE-2024-50645, CVE-2025-55637, CVE-2025-55630, CVE-2024-53496

CVE-2025-8731 : SSH Service Vulnerability in TRENDnet Devices Trust: 3.5 Fetched: Aug. 24, 2025, 10:02 a.m., Published: Aug. 8, 2025, 3:32 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-8731

CVE-2020-25078 - D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability - [Actively Exploited] Related entries in the VARIoT vulnerabilities database: VAR-202205-0394, VAR-202205-0957, VAR-202303-1844, VAR-202009-0782 Trust: 3.75 Fetched: Aug. 24, 2025, 10:01 a.m., Published: Sept. 2, 2020, 4:15 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	d-link	model:	dcs-2530l
vendor:	d-link	model:	dcs-2670l

db:

NVD

ids:

CVE-2022-1388, CVE-2023-27372, CVE-2024-5084, CVE-2024-36401, CVE-2025-48828, CVE-2022-29464, CVE-2022-30525, CVE-2023-28432, CVE-2025-48827, CVE-2024-9047, CVE-2020-25078, CVE-2023-34960, CVE-2025-3248, CVE-2024-25600, CVE-2025-3102, CVE-2025-53770

Apple iOS 18.6 Fixes Dozens Of Urgent Security Flaws For Millions Of iPhones, Update ASAP \| HotHardware Trust: 3.0 Fetched: Aug. 24, 2025, 10:01 a.m., Published: July 30, 2025, 3:49 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	webkit
vendor:	apple	model:	iphone
vendor:	apple	model:	software update

What is IoT Security? - Palo Alto Networks Trust: 4.25 Fetched: Aug. 24, 2025, 9:59 a.m., Published: Aug. 5, 2025, midnight	Vulnerabilities: command injection, code execution

Affected products

External IDs

vendor:	palo	model:	networks
vendor:	palo alto networks	model:	networks

OWASP Top 10 Vulnerabilities: Updated - GeeksforGeeks Trust: 3.5 Fetched: Aug. 24, 2025, 9:59 a.m., Published: Dec. 10, 2020, 7:32 a.m.	Vulnerabilities: default credentials, default administrator username, request forgery...

Affected products

External IDs

vendor:

essential

model:

phone

Video: How to identify and manage device security vulnerabilities with Samsung Knox \| Knox Asset Intelligence \| Samsung Knox Documentation Trust: 3.0 Fetched: Aug. 24, 2025, 9:58 a.m., Published: July 29, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	samsung	model:	knox
vendor:	samsung	model:	samsung

9 Vulnerability Management Vendors in 2025 \| SentinelOne Trust: 3.5 Fetched: Aug. 24, 2025, 9:57 a.m., Published: Aug. 19, 2025, 7:42 a.m.	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	threat response
vendor:	cisco	model:	routers
vendor:	check point	model:	check point
vendor:	palo	model:	networks
vendor:	trend	model:	security
vendor:	palo alto networks	model:	networks

Update Canonical Ubuntu Desktop: USN-7699-1: Linux kernel vulnerabilities* Trust: 3.0 Fetched: Aug. 24, 2025, 9:57 a.m., Published: Jan. 24, 7699, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

Update Canonical Ubuntu Desktop: USN-7703-2: Linux kernel vulnerabilities Trust: 3.0 Fetched: Aug. 24, 2025, 9:57 a.m., Published: Feb. 24, 7703, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

canonical

model:

ubuntu

CVE-2025-38666 - net: appletalk: Fix use-after-free in AARP proxy probe - SecAlerts Trust: 3.75 Fetched: Aug. 24, 2025, 9:56 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2025-38666

Rockwell Automation 1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT \| CISA Related entries in the VARIoT vulnerabilities database: VAR-202509-0459, VAR-202509-1087 Trust: 3.75 Fetched: Aug. 24, 2025, 9:56 a.m., Published: -	Vulnerabilities: denial of service

Affected products

External IDs

db:

NVD

ids:

CVE-2025-8008, CVE-2025-8007

CVE-2025-38649 - arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight - SecAlerts Trust: 4.5 Fetched: Aug. 24, 2025, 9:55 a.m., Published: -	Vulnerabilities: infinite loop issue, denial of service, system crash

Affected products

External IDs

db:

NVD

ids:

CVE-2025-38649

Apple Fixes Critical Vulnerability That Put Your Crypto in Danger \| MEXC News Trust: 3.75 Fetched: Aug. 24, 2025, 9:54 a.m., Published: Aug. 22, 2025, 11:44 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	macos
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2025-43300

VARIoT news about IoT security