firmware updates
-
Unpatched TOTOLINK EX200 firmware flaw can start unauthenticated root telnet
A CERT/CC advisory disclosed CVE-2025-65606 in the TOTOLINK EX200 that can trigger an unauthenticated root telnet service. The vendor has not issued a patch and the product appears unsupported.
-
UEFI firmware flaw leaves early-boot DMA protections uninitialized on multiple motherboards
A firmware flaw affecting ASRock, ASUS, GIGABYTE and MSI motherboards can leave IOMMU uninitialized during early boot, allowing DMA-capable PCIe devices with physical access to read or modify system memory; four CVEs have been assigned and vendors have released firmware updates.
-
ASUS issues firmware to fix critical authentication bypass in DSL routers
ASUS released firmware version 1.1.2.3_1010 to fix a critical authentication bypass (CVE-2025-59367) impacting DSL-AC51, DSL-N16 and DSL-AC750 routers and urged users to install the update or follow mitigation steps to block internet-accessible services.
-
TP-Link issues firmware updates for Omada gateways to fix four vulnerabilities, including two critical bugs
TP-Link released firmware updates for Omada gateway devices to fix four vulnerabilities, including two critical command injection flaws; users are advised to apply updates and verify device configurations.
-
DrayTek warns of remote code execution bug in Vigor routers
DrayTek has warned that multiple Vigor router models are affected by CVE-2025-10547, an uninitialized stack vulnerability that can lead to memory corruption and, in some cases, remote code execution; firmware updates are available and administrators are urged to apply them.
-
Serious Security Vulnerabilities Found in Over 100 Dell Laptop Models
Cisco has identified serious vulnerabilities in over 100 Dell laptop models, impacting millions of devices worldwide. These flaws, which can allow attackers to control devices and access sensitive data, necessitate immediate firmware updates from affected users.
