Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

CVE-2024-44179 : Physical Access Vulnerability in Apple iOS and macOS Devices | SecurityVulnerability.io

Trust: 4.25

Fetched: March 12, 2025, 9:28 a.m., Published: March 10, 2025, 7:11 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2024-44179

CVE-2024-58082 : Linux Kernel Vulnerability in Nuvoton Media Device Initialization | SecurityVulnerability.io

Trust: 3.25

Fetched: March 12, 2025, 9:28 a.m., Published: March 6, 2025, 4:13 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-58082

Undocumented code could leave several smart home gadgets exposed

Trust: 5.0

Fetched: March 12, 2025, 9:26 a.m., Published: March 10, 2025, 1:55 p.m.
 Vulnerabilities: device impersonation
Affected productsExternal IDs
db: NVD ids: CVE-2025-27840

Apple Fixed Another Zero-day Security Vulnerability: Update Your Devices Now

Trust: 3.75

Fetched: March 12, 2025, 9:25 a.m., Published: March 11, 2025, 9:07 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: ipad air
db: NVD ids: CVE-2025-24201, CVE-2025-24200, CVE-2025-24085

Cyble Sensors Detect Exploit Attempts On WordPress Plugins, Network Devices

Trust: 5.5

Fetched: March 12, 2025, 9:24 a.m., Published: March 11, 2025, 7:42 a.m.
 Vulnerabilities: information disclosure, command injection, path traversal...
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
vendor: korenix model: jetport
vendor: korenix model: jetport 5601
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo model: pan-os
vendor: check point model: check point
vendor: check point model: express
db: NVD ids: CVE-2024-33575, CVE-2024-2876, CVE-2024-11303, CVE-2024-24919, CVE-2024-9593, CVE-2024-11972, CVE-2024-7593, CVE-2024-3400

2025 March KB5053598 KB5053602 Windows 11 Patch 7 Zero-Day Vulnerabilities And 57 Flaws HTMD Blog

Trust: 4.5

Fetched: March 12, 2025, 9:24 a.m., Published: March 11, 2025, 6:09 p.m.
 Vulnerabilities: code execution, information disclosure, feature bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2025-24984, CVE-2025-24985, CVE-2025-26633, CVE-2025-24991, CVE-2025-24993, CVE-2025-26630, CVE-2025-24983

Security Researchers Warn of Vulnerabilities in Millions of IoT Devices - Softonic

Trust: 3.0

Fetched: March 12, 2025, 9:23 a.m., Published: March 12, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-27840

Apple patches 0-day exploited in “extremely sophisticated attack” - Ars Technica

Trust: 4.0

Fetched: March 12, 2025, 9:23 a.m., Published: March 11, 2025, 8:26 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: ipad air
db: NVD ids: CVE-2025-24201

Siemens RUGGEDCOM ROX Devices | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202110-0522

Trust: 3.75

Fetched: March 12, 2025, 9:22 a.m., Published: Dec. 22, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: ruggedcom rox rx5000
vendor: siemens model: ruggedcom rox rx1510
vendor: siemens model: ruggedcom rox rx1500
vendor: siemens model: ruggedcom rox rx1524
vendor: siemens model: ruggedcom rox rx1511
vendor: siemens model: ruggedcom rox rx1512
vendor: siemens model: ruggedcom rox rx1536
vendor: siemens model: ruggedcom rox rx1400
vendor: siemens model: ruggedcom rox rx1501
vendor: siemens model: ruggedcom
vendor: siemens model: ruggedcom rox mx5000
db: NVD ids: CVE-2021-41546

Apple fixes security flaw allowing third-party access to locked devices | The Record from Recorded Future News

Trust: 3.75

Fetched: March 11, 2025, 9:30 a.m., Published: Feb. 11, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: ipad air
vendor: apple model: iphone
db: NVD ids: CVE-2025-24200

Critical DrayTek Router Vulnerabilities Expose Devices to RCE Attacks

Trust: 4.5

Fetched: March 11, 2025, 9:30 a.m., Published: March 7, 2025, 1:26 p.m.
 Vulnerabilities: code execution, integer overflow, buffer overflow...
Affected productsExternal IDs
vendor: draytek model: routers
vendor: draytek model: vigor
vendor: draytek model: draytek routers
db: NVD ids: CVE-2024-41340, CVE-2024-41336, CVE-2024-41338, CVE-2024-51139, CVE-2024-41339, CVE-2024-41335, CVE-2024-51138

Mobile Security with Device Integrity: Protecting Against Cyber Threats

Trust: 3.75

Fetched: March 11, 2025, 9:26 a.m., Published: March 10, 2025, 1:57 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: quick heal model: quick heal

Hidden Commands in Bluetooth Chip Expose Over a Billion Devices • iPhone in Canada Blog

Trust: 3.0

Fetched: March 11, 2025, 9:25 a.m., Published: March 10, 2025, 6:33 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-27840

New Android RAT Dubbed “AndroRAT” Attacking to Steal Pattern, PIN & Passcodes

Trust: 4.75

Fetched: March 11, 2025, 9:25 a.m., Published: March 4, 2025, 12:20 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: trend model: antivirus
vendor: trend model: security
vendor: google model: android
db: NVD ids: CVE-2015-1805

Python JSON Logger Vulnerability Exposes Millions of Users

Trust: 3.0

Fetched: March 11, 2025, 9:24 a.m., Published: March 11, 2025, 8:13 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-27607

Moxa Industrial Ethernet Switches Vulnerability Let Attackers Gain Admin Access

Trust: 5.75

Fetched: March 11, 2025, 9:24 a.m., Published: March 10, 2025, 2:43 p.m.
 Vulnerabilities: authentication bypass, default credentials, traffic interception
Affected productsExternal IDs
vendor: moxa model: pt-7728
vendor: moxa model: pt-7528 series
db: NVD ids: CVE-2024-12297

PoC Exploit Released for Actively Exploited Linux Kernel Write Vulnerability

Trust: 6.0

Fetched: March 11, 2025, 9:24 a.m., Published: March 8, 2025, 11:01 a.m.
 Vulnerabilities: privilege escalation, code execution, memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-53104

Critical Vulnerabilities in Hitachi Energy's PCU400: Implications for Windows Security | Windows Forum

Related entries in the VARIoT vulnerabilities database: VAR-202302-0482, VAR-202302-0195

Trust: 4.5

Fetched: March 11, 2025, 9:21 a.m., Published: May 11, 2025, midnight
 Vulnerabilities: buffer overrun, use after free, application crash
Affected productsExternal IDs
db: NVD ids: CVE-2023-0286, CVE-2022-4304, CVE-2023-0401, CVE-2022-4450, CVE-2022-4203, CVE-2023-0216, CVE-2023-0215, CVE-2023-0217

Common Wireless and Mobile Device Attacks - InfosecTrain

Trust: 3.75

Fetched: March 11, 2025, 9:21 a.m., Published: July 25, 2023, 5 a.m.
 Vulnerabilities: replay attack
Affected productsExternal IDs

Schneider Electric NMC cards and Embedded Devices | CISA

Trust: 4.5

Fetched: March 11, 2025, 9:16 a.m., Published: Nov. 9, 2021, midnight
 Vulnerabilities: cross-site scripting, script execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-22812, CVE-2021-22815, CVE-2021-22814, CVE-2021-22810, CVE-2021-22813, CVE-2021-22811