Sign-up

VARIoT news about IoT security

Hackers Can Seize Control of Car Dashboards Through Modem Vulnerabilities

Trust: 4.5

Fetched: Dec. 21, 2025, 9:38 a.m., Published: Dec. 17, 2025, 10:53 a.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: google model: android
vendor: canary model: canary
db: NVD ids: CVE-2024-39432

SonicWall Devices Under Attack via New Zero-Day Vulnerability

Trust: 6.0

Fetched: Dec. 21, 2025, 9:37 a.m., Published: Dec. 2, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: sonicwall model: sma1000
db: NVD ids: CVE-2025-40602

CVE-2025-68238 - mtd: rawnand: cadence: fix DMA device NULL pointer dereference - SecAlerts

Trust: 3.25

Fetched: Dec. 21, 2025, 9:35 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-68238

VU#382314 - Vulnerability in UEFI firmware modules prevents IOMMU initialization on some UEFI-based motherboards

Trust: 3.75

Fetched: Dec. 21, 2025, 9:35 a.m., Published: Dec. 19, 2025, midnight
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: riot model: riot

Understanding CVE-2025-66647: RIOT OS IPv6 Fragmentation Vulnerability

Trust: 5.75

Fetched: Dec. 21, 2025, 9:33 a.m., Published: Dec. 21, 2025, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: riot model: riot
db: NVD ids: CVE-2025-66647

CVE-2025-68236 - scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down (PC=3) - SecAlerts

Trust: 3.0

Fetched: Dec. 21, 2025, 9:32 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-68236

How To Check If Your Smart Home Devices Are Vulnerable To Hacking

Trust: 4.5

Fetched: Dec. 21, 2025, 9:32 a.m., Published: Dec. 10, 2025, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: google model: google home
vendor: google model: home
vendor: wireshark model: wireshark

Access Denied

Trust: 3.0

Fetched: Dec. 21, 2025, 9:31 a.m., Published: Dec. 18, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad

Russia's Sandworm Pivots: Why Misconfigured Edge Devices Are Now the Primary Target for Critical Infrastructure Attacks

Trust: 3.5

Fetched: Dec. 21, 2025, 9:30 a.m., Published: Dec. 19, 2025, 5:09 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: routers
vendor: sonicwall model: remote access
vendor: check point model: check point
db: NVD ids: CVE-2022-26318, CVE-2023-27532, CVE-2024-24919, CVE-2021-26084, CVE-2023-22518

Is Your Smart Home a Cyber Playground? North Korean Hackers Target IoT Devices

Trust: 3.75

Fetched: Dec. 21, 2025, 9:30 a.m., Published: Dec. 19, 2025, 5:48 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

CVE-2025-9315 - Unauthenticated Device Registration Vulnerability in MXsecurity Series - SecAlerts

Trust: 3.0

Fetched: Dec. 21, 2025, 9:29 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-9315

CVE-2025-9315: Unauthenticated Device Registration Vulnerability in MXsecurity Series | IT4Automation

Trust: 3.25

Fetched: Dec. 21, 2025, 9:28 a.m., Published: Dec. 10, 2025, 4:26 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-9315

Understanding and Mitigating CVE-2025-65855 in Netun Solutions HelpFlash IoT Devices

Trust: 4.0

Fetched: Dec. 21, 2025, 9:27 a.m., Published: Dec. 21, 2025, midnight
 Vulnerabilities: code execution, default credentials
Affected productsExternal IDs
db: NVD ids: CVE-2025-65855

Microsoft rolled out December 2025 firmware updates for Surface Laptop Studio 2

Trust: 4.5

Fetched: Dec. 21, 2025, 9:27 a.m., Published: Dec. 17, 2025, 5 a.m.
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-23345, CVE-2025-23276, CVE-2024-0150, CVE-2024-0146, CVE-2024-21864, CVE-2025-23309, CVE-2025-23347, CVE-2024-44074, CVE-2025-23288, CVE-2025-23281, CVE-2025-23286

Amazon Patches Kindle Vulnerabilities Enabling Account Hijacks via Malicious Ebooks

Trust: 3.75

Fetched: Dec. 21, 2025, 9:26 a.m., Published: Dec. 16, 2025, 1:41 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point

CVE-2023-7209: Critical Vulnerability in Uniway Router Leading to Denial of Service - Ameeba Exploit Tracker

Trust: 5.25

Fetched: Dec. 21, 2025, 9:25 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2023-7209

Serial Port Privilege Escalation Vulnerabilities in Some Hikvision DVR Devices - Security Advisory - Hikvision Global

Trust: 5.0

Fetched: Dec. 21, 2025, 9:23 a.m., Published: Dec. 3, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: hikvision model: hikvision

100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild

Trust: 3.0

Fetched: Dec. 21, 2025, 9:23 a.m., Published: Dec. 21, 2025, 3:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-20393

CVE-2023-4818: PAX A920 Device Bootloader Downgrade Vulnerability - Ameeba Exploit Tracker

Trust: 3.0

Fetched: Dec. 21, 2025, 9:22 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-4818

Critical WatchGuard Firebox VPN Vulnerability Actively Exploited in the Wild - Cybercory

Trust: 3.5

Fetched: Dec. 21, 2025, 9:22 a.m., Published: Dec. 19, 2025, 11:11 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: watchguard model: fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-14733