VARIoT latest news about IoT security

Apple patches zero-click exploit threatening crypto users - TradingView News India Trust: 3.0 Fetched: Aug. 24, 2025, 9:41 a.m., Published: Aug. 27, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

Update Your Apple Devices ASAP to Patch This Major Security Flaw \| Lifehacker Trust: 4.0 Fetched: Aug. 24, 2025, 9:41 a.m., Published: Aug. 21, 2025, 6 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	apple	model:	ipad
vendor:	apple	model:	macos
vendor:	apple	model:	ipad air
vendor:	apple	model:	iphone
vendor:	apple	model:	software update

db:

NVD

ids:

CVE-2025-43300

Apple Patches Zero-Click Exploit Threatening Crypto Users Trust: 3.0 Fetched: Aug. 24, 2025, 9:41 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

apple

model:

macos

Apple Zero-Day CVE-2025-43300 Exploited Related entries in the VARIoT vulnerabilities database: VAR-202501-3666 Trust: 4.25 Fetched: Aug. 24, 2025, 9:40 a.m., Published: Aug. 24, 2025, 8 a.m.	Vulnerabilities: privilege escalation, memory corruption, code execution

Affected products

External IDs

vendor:	trend	model:	security
vendor:	apple	model:	ipad
vendor:	apple	model:	macos
vendor:	apple	model:	iphone

db:

NVD

ids:

CVE-2025-24201, CVE-2025-43300, CVE-2025-43200, CVE-2025-31201, CVE-2025-24200, CVE-2025-24085, CVE-2025-31200

10 common cybersecurity threats and attacks: 2025 update \| ConnectWise Trust: 4.5 Fetched: Aug. 22, 2025, 9:46 a.m., Published: Aug. 10, 2025, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:	trend	model:	security
vendor:	essential	model:	phone

Google fixed two Qualcomm bugs that were actively exploited in the wild Trust: 5.75 Fetched: Aug. 22, 2025, 9:44 a.m., Published: Aug. 6, 2025, 6:03 a.m.	Vulnerabilities: memory corruption, authorization issue, code execution...

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2025-27038, CVE-2025-21479, CVE-2025-21480, CVE-2025-48530

Multiple Vulnerabilities in Tridium Niagara Framework Related entries in the VARIoT vulnerabilities database: VAR-202505-2694, VAR-202505-3274, VAR-202505-3468, VAR-202505-2532, VAR-202505-2874, VAR-202505-3074, VAR-202505-3817, VAR-202505-3275, VAR-202505-3992, VAR-202505-3461 Trust: 5.5 Fetched: Aug. 22, 2025, 9:44 a.m., Published: July 25, 2025, 1:37 p.m.	Vulnerabilities: denial of service, code execution

Affected products

External IDs

vendor:	tridium	model:	niagara
vendor:	tridium	model:	tridium niagara
vendor:	tridium	model:	niagara framework
vendor:	tridium	model:	framework

db:

NVD

ids:

CVE-2025-3937, CVE-2025-3941, CVE-2025-3936, CVE-2025-3938, CVE-2025-3942, CVE-2025-3943, CVE-2025-3945, CVE-2025-3939, CVE-2025-3940, CVE-2025-3944

Critical Firmware Vulnerabilities Exposes Millions Of Dell Laptops To Device Takeover And Malware Attacks - Cybernoz - Cybersecurity News Trust: 5.25 Fetched: Aug. 22, 2025, 9:43 a.m., Published: Aug. 6, 2025, 3:53 a.m.	Vulnerabilities: information leakage, buffer overflow, code execution

Affected products

External IDs

vendor:	dell	model:	latitude
vendor:	cisco	model:	series

db:

NVD

ids:

CVE-2025-24922, CVE-2025-24919, CVE-2025-24311, CVE-2025-25215, CVE-2025-25050

Burk Technology ARC Solo \| CISA Trust: 3.0 Fetched: Aug. 22, 2025, 9:43 a.m., Published: Aug. 1, 2025, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-5095

Linux kernel, Poppler, Python, WEBrick updates for Ubuntu Trust: 4.5 Fetched: Aug. 22, 2025, 9:42 a.m., Published: Aug. 22, 2025, 5:34 a.m.	Vulnerabilities: denial of service, request smuggling attack

Affected products

External IDs

vendor:

alsa

model:

alsa

db:

NVD

ids:

CVE-2025-21783, CVE-2025-21782, CVE-2025-21773, CVE-2025-6442, CVE-2025-21864, CVE-2024-57834, CVE-2024-54456, CVE-2025-38043, CVE-2025-38004, CVE-2025-21856, CVE-2025-21823, CVE-2025-21766, CVE-2025-21762, CVE-2025-21867, CVE-2025-21869, CVE-2025-21760, CVE-2025-21871, CVE-2025-38031, CVE-2025-21861, CVE-2025-21761, CVE-2025-38075, CVE-2025-38044, CVE-2025-21746, CVE-2024-50073, CVE-2025-21790, CVE-2025-38078, CVE-2024-49950, CVE-2025-21853, CVE-2025-8194, CVE-2025-21866, CVE-2025-21795, CVE-2025-21870, CVE-2024-58088, CVE-2025-21706, CVE-2025-50420, CVE-2025-38052, CVE-2025-21792, CVE-2025-21868, CVE-2025-21767, CVE-2025-21844, CVE-2024-58086, CVE-2025-21772, CVE-2025-21855, CVE-2025-38051, CVE-2025-21791, CVE-2025-21836, CVE-2025-21858, CVE-2024-58093, CVE-2025-38058, CVE-2025-21862, CVE-2024-58020, CVE-2023-52975, CVE-2025-21821, CVE-2025-21796, CVE-2025-21775, CVE-2025-38077, CVE-2025-38065, CVE-2025-21785, CVE-2025-21854, CVE-2025-21847, CVE-2025-21759, CVE-2025-21776, CVE-2025-38072, CVE-2025-21848, CVE-2025-38048, CVE-2025-21763, CVE-2025-21764, CVE-2025-21704, CVE-2025-38079, CVE-2025-21779, CVE-2025-21758, CVE-2025-21765, CVE-2023-52757, CVE-2025-21768, CVE-2025-21835, CVE-2025-21846, CVE-2025-21859, CVE-2025-21787, CVE-2025-6069, CVE-2025-21712, CVE-2025-21781, CVE-2025-21863, CVE-2024-57977, CVE-2025-21839, CVE-2025-38066, CVE-2025-38037, CVE-2025-37797, CVE-2025-38034, CVE-2024-38541, CVE-2025-38061, CVE-2025-38083, CVE-2024-52559, CVE-2025-21780, CVE-2024-54458, CVE-2025-38035, CVE-2025-21857, CVE-2025-38003, CVE-2025-21786, CVE-2025-21784, CVE-2025-21838, CVE-2025-38068, CVE-2025-21793

FBI alert: Russian cyber actors targeting Cisco devices ~ NetworkTigers Related entries in the VARIoT vulnerabilities database: VAR-201803-1387 Trust: 4.75 Fetched: Aug. 22, 2025, 9:41 a.m., Published: Aug. 21, 2025, noon	Vulnerabilities: code execution

Affected products

External IDs

vendor:	cisco	model:	ios xe
vendor:	cisco	model:	routers
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2018-0171

Apple discloses actively exploited zero-day affecting iOS, iPadOS and macOS \| CyberScoop Trust: 4.75 Fetched: Aug. 22, 2025, 9:39 a.m., Published: Aug. 21, 2025, 10:07 p.m.	Vulnerabilities: memory corruption

Affected products

External IDs

vendor:	apple	model:	software update
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2025-43300

7000+ Citrix NetScaler Devices Still Vulnerable to CVE-2025-5777 and Trust: 4.25 Fetched: Aug. 22, 2025, 9:39 a.m., Published: Aug. 20, 2025, midnight	Vulnerabilities: authentication bypass, code execution

Affected products

External IDs

vendor:	citrix	model:	netscaler
vendor:	citrix	model:	gateway
vendor:	citrix	model:	netscaler gateway

db:

NVD

ids:

CVE-2025-6543, CVE-2025-5777

CVE-2025-43300 affects Apple Products - TheCyberThrone Related entries in the VARIoT vulnerabilities database: VAR-201704-1556, VAR-202206-0056, VAR-201505-0274, VAR-202201-1001 Trust: 5.5 Fetched: Aug. 22, 2025, 9:38 a.m., Published: Aug. 22, 2025, 2:48 a.m.	Vulnerabilities: file upload vulnerability, memory overwrite, code execution...

Affected products

External IDs

vendor:	realtek	model:	realtek sdk
vendor:	zyxel	model:	emg2926
vendor:	samsung	model:	mobile devices
vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung mobile
vendor:	samsung	model:	samsung
vendor:	apple	model:	ipad
vendor:	apple	model:	tvos
vendor:	apple	model:	iphone
vendor:	apple	model:	itunes
vendor:	apple	model:	webkit
vendor:	apple	model:	watchos
vendor:	apple	model:	ipad air
vendor:	apple	model:	safari
vendor:	apple	model:	macos

db:

NVD

ids:

CVE-2021-3129, CVE-2017-6884, CVE-2022-31459, CVE-2014-8361, CVE-2022-22265, CVE-2025-24201, CVE-2025-43300

CISA Warns Of ICS Vulnerabilities In Siemens, Tigo, EG4 Related entries in the VARIoT vulnerabilities database: VAR-202508-0152 Trust: 4.75 Fetched: Aug. 22, 2025, 9:38 a.m., Published: Aug. 22, 2025, 7:32 a.m.	Vulnerabilities: command injection

Affected products

External IDs

vendor:	wibu	model:	codemeter
vendor:	siemens	model:	desigo cc

db:

NVD

ids:

CVE-2025-53520, CVE-2025-47872, CVE-2025-40758, CVE-2025-7769, CVE-2025-47809, CVE-2025-52586, CVE-2025-46414, CVE-2025-7770, CVE-2025-7768

Russian hackers are using an old Cisco flaw to target network devices - here’s how you can stay safe \| IT Pro Related entries in the VARIoT vulnerabilities database: VAR-201803-1387 Trust: 3.75 Fetched: Aug. 22, 2025, 9:37 a.m., Published: Aug. 21, 2025, 10:30 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	ios xe software
vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios software
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios

db:

NVD

ids:

CVE-2018-0171

Cisco Identity Services Engine Arbitrary File Upload Vulnerability Trust: 5.0 Fetched: Aug. 22, 2025, 9:37 a.m., Published: Aug. 20, 2025, 4:43 p.m.	Vulnerabilities: file upload vulnerability

Affected products

External IDs

vendor:	cisco	model:	identity services engine
vendor:	cisco	model:	cisco identity services engine

CVE-2025-20269 - Cisco Evolved Programmable Network Manager and Prime Infrastructure Arbitrary File Download Vulnerability - SecAlerts Trust: 4.75 Fetched: Aug. 22, 2025, 9:35 a.m., Published: -	Vulnerabilities: file download vulnerability

Affected products

External IDs

vendor:	cisco	model:	prime infrastructure
vendor:	cisco	model:	evolved programmable network manager
vendor:	cisco	model:	cisco evolved programmable network manager

db:

NVD

ids:

CVE-2025-20269

iPhone, iPad and Mac users beware! Hackers can hijack your device with one image: How to be safe Trust: 4.75 Fetched: Aug. 22, 2025, 9:35 a.m., Published: Aug. 21, 2025, 2:14 p.m.	Vulnerabilities: memory corruption

Affected products

External IDs

vendor:	apple	model:	ipad air
vendor:	apple	model:	ipad
vendor:	apple	model:	macos
vendor:	apple	model:	iphone

Update Microsoft SQL Server 2017: KB5063759: Fixes a SQL injection vulnerability in a system stored procedure Trust: 3.0 Fetched: Aug. 22, 2025, 9:35 a.m., Published: Aug. 22, 2017, midnight	Vulnerabilities: sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2025-53727, CVE-2025-49759, CVE-2025-49758, CVE-2025-24999

VARIoT news about IoT security