Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

02/05/25: Critical 0-Day and Other Vulnerabilities in Android Devices | UCSF IT

Trust: 3.25

Fetched: Feb. 21, 2025, 9:35 a.m., Published: Feb. 5, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Cybersecurity Threat Advisory: Critical Juniper vulnerability

Trust: 6.25

Fetched: Feb. 21, 2025, 9:32 a.m., Published: Feb. 19, 2025, 4:55 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: barracuda model: barracuda
db: NVD ids: CVE-2025-21589

Chrome Extension Vulnerability Exposes Critical ‘Syncjacking’ Threat: Your Device at Risk - ClickControl IT & Cybersecurity

Trust: 3.0

Fetched: Feb. 21, 2025, 9:32 a.m., Published: Feb. 11, 2025, 8:16 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome

Dell Precision 5530 System BIOS | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 21, 2025, 9:32 a.m., Published: Feb. 21, 5530, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: precision 5530
vendor: dell model: bios

Palo Alto warns firewalls flaws are under active attack • The Register

Trust: 5.5

Fetched: Feb. 21, 2025, 9:31 a.m., Published: -
 Vulnerabilities: authentication bypass, privilege escalation, access control issue
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
db: NVD ids: CVE-2025-0111, CVE-2024-9474, CVE-2025-0108

Update Canonical Ubuntu Server: USN-7270-1: OpenSSH vulnerabilities

Trust: 5.0

Fetched: Feb. 21, 2025, 9:31 a.m., Published: Jan. 21, 7270, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-26466, CVE-2025-26465

Essential Insights into Mobile Device Vulnerabilities for Businesses | MoldStud

Trust: 3.75

Fetched: Feb. 21, 2025, 9:30 a.m., Published: Feb. 12, 2025, midnight
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: trend model: security

Update Canonical Ubuntu Server: USN-7272-1: Symfony vulnerabilities

Trust: 4.75

Fetched: Feb. 21, 2025, 9:30 a.m., Published: Jan. 21, 7272, midnight
 Vulnerabilities: request forgery, cross-site request forgery
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-50340, CVE-2024-50342, CVE-2024-50345, CVE-2024-51996, CVE-2024-50343, CVE-2024-50341, CVE-2023-46734, CVE-2022-24894, CVE-2022-24895

Microsoft launches firmware update for Surface devices to fix security vulnerabilities

Trust: 4.0

Fetched: Feb. 21, 2025, 9:24 a.m., Published: Feb. 20, 2025, 4:23 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2024-44074

Juniper Networks Releases Patch for Session Smart Router Vulnerability - Thailand Computer Emergency Response Team (ThaiCERT)

Trust: 3.25

Fetched: Feb. 21, 2025, 9:23 a.m., Published: Feb. 20, 2025, 8:19 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-2973, CVE-2025-21589

NVIDIA CUDA Toolkit Vulnerabilities Expose Systems to Potential DoS Attacks

Trust: 4.5

Fetched: Feb. 21, 2025, 9:22 a.m., Published: Feb. 20, 2025, 12:52 p.m.
 Vulnerabilities: integer overflow, information disclosure
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: networks
db: NVD ids: CVE-2024-53878, CVE-2024-53870

SANS Stormcast Friday Feb 21st: Kibana Queries; Mongoose Injection; U-Boot Flaws; Unifi Protect Camera Vulnerabilities; Protecting Network Devices as Endpoint (Austin Clark @sans_edu) - SANS Internet Storm Center

Trust: 3.5

Fetched: Feb. 21, 2025, 9:21 a.m., Published: Feb. 21, 2025, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: palo model: networks
vendor: huawei model: nice
vendor: huawei model: huawei
vendor: cisco model: wireless lan controllers
vendor: cisco model: routers

Printer vulnerabilities expose security weaknesses in HP, Xerox, and Lexmark devices - The Recycler - 19/02/2025

Trust: 4.5

Fetched: Feb. 21, 2025, 9:20 a.m., Published: Feb. 19, 2025, 9:10 a.m.
 Vulnerabilities: request forgery, privilege escalation, code execution
Affected productsExternal IDs
vendor: xerox model: phaser
vendor: xerox model: workcentre
vendor: lexmark model: lexmark
vendor: lexmark model: printer
db: NVD ids: CVE-2022-23968, CVE-2023-23560

Hackers Exploiting Ivanti Connect Secure RCE Vulnerability to Install SPAWNCHIMERA Malware

Trust: 5.0

Fetched: Feb. 21, 2025, 9:19 a.m., Published: Feb. 12, 2025, 9:31 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: google model: home
db: NVD ids: CVE-2025-0282

2024 Vulnerability Scanning Surges 91% | F5 Labs

Related entries in the VARIoT vulnerabilities database: VAR-202303-1268, VAR-201805-0262, VAR-202203-0233

Trust: 6.25

Fetched: Feb. 21, 2025, 9:19 a.m., Published: Feb. 18, 2025, 11:34 a.m.
 Vulnerabilities: code injection, authentication bypass, code execution...
Affected productsExternal IDs
vendor: tp-link model: gateway
vendor: tp-link model: routers
vendor: trend model: security
db: NVD ids: CVE-2023-1389, CVE-2020-8958, CVE-2022-24847, CVE-2020-11625, CVE-2017-9841, CVE-2018-10561, CVE-2024-3721, CVE-2023-23752, CVE-2022-22947, CVE-2022-42457, CVE-2018-1056

Microsoft releases new firmware for several Surface devices to address security issues - Neowin

Trust: 4.0

Fetched: Feb. 21, 2025, 9:18 a.m., Published: Feb. 10, 2025, midnight
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-44074

Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability

Trust: 5.0

Fetched: Feb. 21, 2025, 9:17 a.m., Published: Feb. 19, 2025, 3:54 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: series

CISA Advisory: Critical Vulnerability in ABB ICS Devices and Its Security Implications | Windows Forum

Trust: 3.75

Fetched: Feb. 21, 2025, 9:16 a.m., Published: May 21, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-51547

CVE-2025-0112 : Vulnerability in Cortex XDR Agent Affects Windows Devices by Palo Alto Networks | SecurityVulnerability.io

Trust: 3.75

Fetched: Feb. 21, 2025, 9:16 a.m., Published: Feb. 20, 2025, 12:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks
db: NVD ids: CVE-2025-0112

Critical Vulnerabilities in ABB FLXEON Controllers: CISA Advisory Insights | Windows Forum

Trust: 3.25

Fetched: Feb. 21, 2025, 9:15 a.m., Published: May 21, 2025, midnight
 Vulnerabilities: information disclosure, code execution, default credentials...
Affected productsExternal IDs
vendor: parallels model: desktop
vendor: parallels model: tools
vendor: trend model: security