Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Trust: 5.25

Fetched: March 18, 2026, 9:50 a.m., Published: March 12, 2026, 9:58 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: iphone
db: NVD ids: CVE-2023-41974, CVE-2023-38606, CVE-2024-23222, CVE-2023-43000, CVE-2023-32434, CVE-2023-43010

CVE-2026-4210 - Command Injection Vulnerability in Multiple…

Trust: 6.0

Fetched: March 18, 2026, 9:49 a.m., Published: March 6, 2026, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dnr-326
vendor: d-link model: dns-320l
vendor: d-link model: dns-323
vendor: d-link model: dnr-322l
vendor: d-link model: dns-320lw
vendor: d-link model: dns-340l
vendor: d-link model: dns-325
vendor: d-link model: dns-320
vendor: d-link model: dns-345
vendor: d-link model: dns-327l
db: NVD ids: CVE-2026-4210

CVE-2025-31703 - Dahua NVR/XVR Unauthorized Physical Access Privilege Escalation

Trust: 5.0

Fetched: March 18, 2026, 9:46 a.m., Published: March 18, 2026, 8:16 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-31703

[updated] Google patches two Chrome zero-days under active attack | Malwarebytes

Trust: 4.5

Fetched: March 18, 2026, 9:46 a.m., Published: March 13, 2026, 12:58 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2026-3909

CVE-2025-44650: Denial of Service Vulnerability in Netgear R7000 and EAX80 - Ameeba Exploit Tracker

Related entries in the VARIoT vulnerabilities database: VAR-202507-3140

Trust: 6.0

Fetched: March 18, 2026, 9:45 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: netgear model: r7000
db: NVD ids: CVE-2025-44650

Grandstream VoIP Phones Vulnerability Allows Attackers to Gain Root Privileges

Trust: 5.0

Fetched: March 18, 2026, 9:45 a.m., Published: Feb. 20, 2026, 1:57 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: grandstream model: gxp1600
db: NVD ids: CVE-2026-2329

Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities

Trust: 5.75

Fetched: March 18, 2026, 9:44 a.m., Published: March 11, 2026, 3:51 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xr software
vendor: cisco model: ios xr
vendor: cisco model: cisco ios xr
db: NVD ids: CVE-2026-20040, CVE-2026-20046

Is Your Android Device Secure? New Vulnerability Allows Hac

Trust: 3.25

Fetched: March 18, 2026, 9:42 a.m., Published: March 18, 2013, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

CVE-2026-22317 Phoenix Contact FL SWITCH 2005, FL SWITCH 2... CVETodo

Trust: 5.75

Fetched: March 18, 2026, 9:41 a.m., Published: March 18, 2005, midnight
 Vulnerabilities: denial of service, privilege escalation, command execution...
Affected productsExternal IDs
vendor: phoenix model: contact fl switch
db: NVD ids: CVE-2026-22317

Is your Android device secure? A new vulnerability allows hackers to steal your phone's data in just 1 minute, raising concerns among users | NewsCrab

Trust: 4.0

Fetched: March 18, 2026, 9:40 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

Security Advisory - Vulnerability found in Dahua NVR/XVR device - Zhejiang Dahua Technology Co., Ltd.

Trust: 3.0

Fetched: March 18, 2026, 9:36 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-31703

Ledger's Warning: Critical Firmware Flaw Threatens Mobile Crypto Security | Cryptodamus

Trust: 3.5

Fetched: March 18, 2026, 9:35 a.m., Published: March 11, 2026, 2:39 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: google model: android
vendor: trend model: security
vendor: essential model: phone

Dangerous Security Flaw Affects Millions of Android Smartphones - Yahoo News UK

Trust: 3.0

Fetched: March 18, 2026, 9:24 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-20435

Mar 2026: Microsoft Devices Pricing Program Remote Code Execution Vulnerability: CVE-2026-21536 March 2026

Trust: 4.0

Fetched: March 17, 2026, 10:16 a.m., Published: March 17, 2026, midnight
 Vulnerabilities: file upload vulnerability, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-21536

Netis Router Exploit Chain (CVE-2024-48455-48457): Unauthenticated RCE with Metasploit | Markaicode

Trust: 3.75

Fetched: March 17, 2026, 10:15 a.m., Published: May 6, 2025, midnight
 Vulnerabilities: code execution, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2024-48456, CVE-2024-48457, CVE-2024-48455

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs

Trust: 5.25

Fetched: March 17, 2026, 10:15 a.m., Published: Feb. 19, 2026, 11:54 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-1670

XBOW on X: "“The vulnerability with the highest CVSS score in this month’s update is a critical remote code execution flaw in the Microsoft Devices Pricing Program. CVE-2026-21536 (CVSS score: 9.8), per Microsoft, has been fully mitigated [...] Artificial intelligence (AI)-powered autonomous" / X

Trust: 4.0

Fetched: March 17, 2026, 10:15 a.m., Published: March 17, 2026, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-21536

Product and Support News | WatchGuard Technologies

Trust: 3.0

Fetched: March 17, 2026, 10:14 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: watchguard model: firebox
vendor: watchguard model: fireware

‎m17 R2, BIOS installer blocked, vulnerable driver amifldrv64.sys | DELL Technologies

Trust: 3.25

Fetched: March 17, 2026, 10:13 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Industrial Control System Vulnerabilities Hit Record Highs - Infosecurity Magazine

Trust: 3.0

Fetched: March 17, 2026, 10:04 a.m., Published: Feb. 19, 2026, 1 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: rapid model: scada