Sign-up

VARIoT news about IoT security

Crisis in Cybersecurity: Siemens Industrial Edge Devices Vulnerability Explained | Windows Forum

Trust: 4.5

Fetched: April 11, 2025, 9:09 a.m., Published: May 11, 2025, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: siemens model: simatic
vendor: siemens model: scalance
db: NVD ids: CVE-2024-54092

Forescout’s 2025 report reveals surge in device vulnerabilities across IT, IoT, OT, and IoMT - Industrial Cyber

Trust: 4.75

Fetched: April 11, 2025, 9:08 a.m., Published: April 10, 2025, 10:30 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: trend model: security

The Top 5 Healthcare Internet of Things (IoT) Vulnerabilities

Trust: 3.75

Fetched: April 11, 2025, 9:06 a.m., Published: Dec. 18, 2023, 8:20 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trendnet model: ip camera

Vulnerabilities identified in Amazon Fire TV Stick, Insignia FireOS TV Series

Trust: 4.5

Fetched: April 11, 2025, 9:06 a.m., Published: April 2, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: netgear model: orbi
vendor: netgear model: router
vendor: amazon model: fire tv
db: NVD ids: CVE-2023-1383, CVE-2023-1384, CVE-2023-1385

Automatically exclude devices from vulnerability management | Microsoft Community Hub

Trust: 3.25

Fetched: April 11, 2025, 9:04 a.m., Published: July 1, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hub model: hub

Assess Network Vulnerabilities with Bitdefender BOX Vulnerability Scan

Trust: 4.0

Fetched: April 11, 2025, 9:04 a.m., Published: Sept. 2, 2024, 1:26 p.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs

CVE-2025-24198 - Apple Siri Locked Device Data Access Vulnerability

Trust: 4.5

Fetched: April 9, 2025, 9:25 a.m., Published: March 31, 2025, 11:15 p.m.
 Vulnerabilities: data access vulnerability
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: iphone_os
db: NVD ids: CVE-2025-24198

CVE-2024-54092 : Authentication Bypass Vulnerability in Industrial Edge Device Kit by Siemens | SecurityVulnerability.io

Trust: 4.25

Fetched: April 9, 2025, 9:25 a.m., Published: April 8, 2025, 8:22 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-54092

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) | Google Cloud Blog

Trust: 5.25

Fetched: April 9, 2025, 9:24 a.m., Published: April 3, 2025, 11:04 p.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: asus
vendor: google model: nexus
vendor: google model: home
db: NVD ids: CVE-2023-46805, CVE-2025-0282, CVE-2024-21887, CVE-2025-22457, CVE-2023-4966

Surge in threat actors scanning Juniper, Cisco, and Palo Alto Networks devices | CSO Online

Trust: 4.75

Fetched: April 9, 2025, 9:24 a.m., Published: April 3, 2025, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo model: networks
vendor: cisco systems model: router
vendor: cisco model: router

MediaTek Security Update - Patch for Vulnerabilities Affecting Smartphone, Tablet, & other Devices

Trust: 4.75

Fetched: April 9, 2025, 9:24 a.m., Published: April 7, 2025, 12:48 p.m.
 Vulnerabilities: privilege escalation, code execution, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2025-20658, CVE-2025-20654, CVE-2025-20656, CVE-2025-20664, CVE-2025-20657, CVE-2025-20655, CVE-2025-20659

Versa Security and Trust Center | Versa Networks

Trust: 4.25

Fetched: April 9, 2025, 9:23 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-24085, CVE-2025-30065, CVE-2025-0282, CVE-2025-22457, CVE-2025-2825, CVE-2025-24200, CVE-2025-24201

CVE-2024-23943 : Unauthenticated Remote Access Vulnerability in Cloud API of Affected Devices | SecurityVulnerability.io

Trust: 3.25

Fetched: April 9, 2025, 9:20 a.m., Published: March 18, 2025, 11:03 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-23943

Android owners told to update NOW as Google reveals 60 bugs - and one lets hackers unlock your phone without a passcode | The Irish Sun

Trust: 4.5

Fetched: April 9, 2025, 9:19 a.m., Published: April 8, 2025, 12:03 p.m.
 Vulnerabilities: privilege escalation, memory corruption
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: google model: chrome
vendor: essential model: phone
vendor: samsung model: mobile
vendor: samsung model: android phone
vendor: samsung model: samsung
vendor: huawei model: huawei
db: NVD ids: CVE-2024-53197, CVE-2024-53150

Google's Latest Patch Fixes 62 Security Vulnerabilities in Android | Lifehacker

Trust: 5.75

Fetched: April 9, 2025, 9:18 a.m., Published: April 8, 2025, 8 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: motorola model: motorola
vendor: motorola model: android
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: samsung
vendor: alsa model: alsa
db: NVD ids: CVE-2024-53197, CVE-2024-53150

Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2025-2783) - Qualys ThreatPROTECT

Trust: 3.75

Fetched: April 9, 2025, 9:18 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2025-2783

CVE-2025-27484: Critical UPnP Vulnerability Threatens Windows Security | Windows Forum

Trust: 5.5

Fetched: April 9, 2025, 9:17 a.m., Published: May 9, 2025, midnight
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-27484

Google Releases April 2025 Android Security Patch Addressing Actively Exploited Vulnerabilities

Trust: 4.5

Fetched: April 9, 2025, 9:15 a.m., Published: April 8, 2025, 10:32 a.m.
 Vulnerabilities: privilege escalation, information disclosure, denial of service
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: google model: pixel
vendor: google model: android
db: NVD ids: CVE-2025-22439, CVE-2025-22426, CVE-2024-49730, CVE-2025-22422, CVE-2024-53197, CVE-2025-22421, CVE-2025-22417, CVE-2025-22434, CVE-2025-22442, CVE-2024-49720, CVE-2025-22419, CVE-2025-22435, CVE-2025-22424, CVE-2025-22416, CVE-2025-22418, CVE-2025-22438, CVE-2025-22432, CVE-2024-40653, CVE-2024-49728, CVE-2024-53150, CVE-2025-22429, CVE-2025-22423, CVE-2025-22431, CVE-2024-49722, CVE-2025-22437, CVE-2025-22428, CVE-2025-26416, CVE-2025-22433, CVE-2025-22427, CVE-2025-22430

Windows 11 KB5055523 KB5055528 April 2025 Patch And 1 Zero Day Vulnerability And 134 Flaws HTMD Blog

Trust: 3.5

Fetched: April 9, 2025, 9:14 a.m., Published: April 8, 2025, 6:12 p.m.
 Vulnerabilities: information disclosure, feature bypass, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-29824

SSA-634640

Trust: 3.0

Fetched: April 9, 2025, 9:13 a.m., Published: April 1, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-54092