Sign-up

VARIoT news about IoT security

CVE-2025-9214 : Missing Authentication Vulnerability in Lenovo Printers

Trust: 5.75

Fetched: Sept. 12, 2025, 11:30 a.m., Published: Sept. 11, 2025, 6:33 p.m.
 Vulnerabilities: authentication vulnerability
Affected productsExternal IDs
vendor: lenovo model: system
vendor: cups model: cups
db: NVD ids: CVE-2025-9214

Apple releases fix for a zero-day threat in iOS, iPadOS and macOS - gHacks Tech News

Trust: 5.0

Fetched: Sept. 12, 2025, 11:29 a.m., Published: Aug. 21, 2025, 2 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: watchos
vendor: apple model: watch
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: ipad air
db: NVD ids: CVE-2025-43300

NetScaler warns hackers are exploiting zero-day vulnerability | Cybersecurity Dive

Trust: 4.0

Fetched: Sept. 12, 2025, 11:29 a.m., Published: Aug. 27, 2025, midnight
 Vulnerabilities: denial of service, code execution, service disruption
Affected productsExternal IDs
db: NVD ids: CVE-2025-7776, CVE-2025-7775, CVE-2025-8424

CVE-2025-20159 - Cisco IOS XR Software Management Interface ACL Bypass Vulnerability - SecAlerts

Trust: 3.75

Fetched: Sept. 12, 2025, 11:28 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xr software
vendor: cisco model: cisco ios xr
vendor: cisco model: ios xr
vendor: cisco model: cisco ios
db: NVD ids: CVE-2025-20159

CISA Warns of Critical SunPower Flaw Allowing Full Device Takeover

Trust: 3.0

Fetched: Sept. 12, 2025, 11:28 a.m., Published: Sept. 3, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-9696

Critical Vulnerability Found in Industrial Device Protocol | Luis Oria Seidel posted on the topic | LinkedIn

Trust: 3.0

Fetched: Sept. 12, 2025, 11:27 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs

[2509.09158] IoTFuzzSentry: A Protocol Guided Mutation Based Fuzzer for Automatic Vulnerability Testing in Commercial IoT Devices

Trust: 5.0

Fetched: Sept. 12, 2025, 11:26 a.m., Published: Sept. 11, 2025, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-41623, CVE-2024-42531

Siemens SINAMICS Drives | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202509-0363

Trust: 3.5

Fetched: Sept. 12, 2025, 11:26 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: sinamics
vendor: siemens model: sinamics s210
db: NVD ids: CVE-2025-40594

Cisco Secure Firewall Management Center Software RADIUS Remote Code Execution Vulnerability - Cisco

Trust: 4.0

Fetched: Sept. 12, 2025, 11:23 a.m., Published: Aug. 28, 2025, 7:45 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: asa software

Siemens Apogee PXC and Talon TC Devices - IT Security News

Trust: 4.75

Fetched: Sept. 12, 2025, 11:23 a.m., Published: Sept. 11, 2025, 5:35 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: talon tc
vendor: siemens model: apogee pxc
db: NVD ids: CVE-2025-40757

What's New In iPadOS 18.6.2: Security and Update Details - SimplyMac

Trust: 5.5

Fetched: Sept. 12, 2025, 11:22 a.m., Published: Aug. 21, 2025, 6:40 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: macos
vendor: apple model: software update
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: ipad air
db: NVD ids: CVE-2025-43300

WhatsApp Identifies Vulnerability Targeting iOS and macOS Devices - iHLS

Trust: 5.0

Fetched: Sept. 12, 2025, 11:22 a.m., Published: Aug. 31, 2025, 12:30 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-55177, CVE-2025-43300

Siemens SIMATIC Virtualization as a Service (SIVaaS) | CISA

Trust: 3.75

Fetched: Sept. 12, 2025, 11:21 a.m., Published: Jan. 10, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: simatic
db: NVD ids: CVE-2025-40804

CVE-2025-36896: Elevation of Privilege Vulnerability in WLAN on Android Devices - Cybersecurity Exploit Tracker by Ameeba

Trust: 3.75

Fetched: Sept. 12, 2025, 11:21 a.m., Published: Sept. 10, 2025, 12:34 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: essential model: phone
db: NVD ids: CVE-2025-36896

CVE-2025-20340 - Cisco IOS XR Address Resolution Protocol Broadcast Storm Vulnerability - SecAlerts

Trust: 5.75

Fetched: Sept. 12, 2025, 11:20 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xr software
vendor: cisco model: cisco ios xr
vendor: cisco model: cisco ios
vendor: cisco model: ios xr
db: NVD ids: CVE-2025-20340

SACK Vulnerability | Digi International

Related entries in the VARIoT vulnerabilities database: VAR-201906-1175, VAR-201906-1176, VAR-201906-1174

Trust: 5.25

Fetched: Sept. 12, 2025, 11:20 a.m., Published: -
 Vulnerabilities: privilege escalation, integer overflow, denial of service...
Affected productsExternal IDs
vendor: digi international model: anywhereusb
vendor: digi model: anywhereusb
db: NVD ids: CVE-2019-11477, CVE-2018-20162, CVE-2019-11478, CVE-2019-11479, CVE-2019-5599

CVE-2025-20248 - Cisco IOS XR Software Image Verification Bypass Vulnerability - SecAlerts

Trust: 3.75

Fetched: Sept. 12, 2025, 11:18 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: ios xr software
vendor: cisco model: cisco ios xr
vendor: cisco model: cisco ios
vendor: cisco model: ios xr
db: NVD ids: CVE-2025-20248

Apple Fixes CVE-2025-43300 Zero-Day: Protect Your iOS, iPadOS & macOS Now - SecPod Blog

Trust: 5.75

Fetched: Sept. 12, 2025, 11:17 a.m., Published: Aug. 22, 2025, 12:34 p.m.
 Vulnerabilities: privilege escalation, code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-43300

CVE-2025-36901: Critical WLAN Vulnerability in Android Affecting Google Pixel Devices - Cybersecurity Exploit Tracker by Ameeba

Trust: 3.75

Fetched: Sept. 12, 2025, 11:15 a.m., Published: Sept. 10, 2025, 9:37 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2025-36901

CVE-2025-55234 - Vulnerability Details - OpenCVE

Trust: 3.0

Fetched: Sept. 12, 2025, 11:12 a.m., Published: Sept. 12, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-55234