Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability

Trust: 4.0

Fetched: March 13, 2026, 10:16 a.m., Published: March 4, 2026, 4:14 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
vendor: cisco model: asa software
vendor: cisco model: adaptive security appliance software

PT SWARM - Positive Technologies Offensive Team

Trust: 4.0

Fetched: March 13, 2026, 10:16 a.m., Published: March 10, 2026, midnight
 Vulnerabilities: request forgery, denial of service
Affected productsExternal IDs

Ivanti Desktop and Server Management Vulnerability Allows Attackers to Escalate Privileges

Trust: 4.25

Fetched: March 13, 2026, 10:13 a.m., Published: March 10, 2026, 5:02 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2026-3483

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: March 13, 2026, 10:13 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

CISA Warns Qualcomm Chipsets Memory Corruption Vulnerability Is Actively Exploited in Attacks

Trust: 6.0

Fetched: March 13, 2026, 10:12 a.m., Published: March 4, 2026, 12:59 p.m.
 Vulnerabilities: integer overflow, memory corruption, improper validation...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385

Pixel Update Bulletin-March 2026 | Android Open Source Project

Trust: 4.25

Fetched: March 13, 2026, 10:08 a.m., Published: March 13, 2026, midnight
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: google model: wifi
db: NVD ids: CVE-2026-0117, CVE-2026-0108, CVE-2026-0113, CVE-2026-0109, CVE-2026-0114, CVE-2026-0120, CVE-2026-0122, CVE-2026-0124, CVE-2026-0110, CVE-2026-0107, CVE-2026-0123, CVE-2026-0115, CVE-2026-0121, CVE-2026-0112, CVE-2026-0116, CVE-2026-0111, CVE-2026-0119, CVE-2026-0118, CVE-2025-48611, CVE-2025-36920

SSA-126399

Trust: 4.25

Fetched: March 13, 2026, 10:06 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: improper access control
Affected productsExternal IDs
db: NVD ids: CVE-2025-27769

Android Zero Day, Cisco Firewall Root Access Flaw, and the Coruna iPhone Exploit Chain

Trust: 4.5

Fetched: March 13, 2026, 10:05 a.m., Published: March 3, 2026, midnight
 Vulnerabilities: code execution, integer overflow, privilege escalation...
Affected productsExternal IDs
vendor: hikvision model: hikvision
vendor: google model: android
db: NVD ids: CVE-2026-3102, CVE-2026-21385

SecureBoot Bypass Vulnerability in Insyde H2O - UEFI Firmware Threat - UBOS

Trust: 3.5

Fetched: March 13, 2026, 10:04 a.m., Published: Feb. 26, 2026, 11:48 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: lenovo model: bios
vendor: lenovo model: system
vendor: dell model: bios

Ceragon Siklu MultiHaul and EtherHaul Vulnerability (CVE-2025-57176)

Trust: 4.0

Fetched: March 13, 2026, 10:03 a.m., Published: March 13, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siklu model: etherhaul
db: NVD ids: CVE-2025-57176

CVE-2025-44650: Denial of Service Vulnerability in Netgear R7000 and EAX80 - Ameeba Exploit Tracker

Related entries in the VARIoT vulnerabilities database: VAR-202507-3140

Trust: 6.0

Fetched: March 13, 2026, 10:03 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: netgear model: r7000
db: NVD ids: CVE-2025-44650

Get Root Privileges on Xiaomi Without Bootloader Unlocking! - DroidWin

Trust: 4.75

Fetched: March 13, 2026, 10:01 a.m., Published: March 10, 2026, 10:08 a.m.
 Vulnerabilities: parameter injection
Affected productsExternal IDs
vendor: xiaomi model: miui

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Trust: 5.25

Fetched: March 13, 2026, 10 a.m., Published: March 12, 2026, 9:58 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipod touch
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-38606, CVE-2023-43000, CVE-2023-41974, CVE-2024-23222, CVE-2023-32434, CVE-2023-43010

iOS 16.7.15 Released for Older iPhones: Security Fix You Should Instal

Trust: 3.0

Fetched: March 13, 2026, 9:58 a.m., Published: July 16, 2015, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: software update
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad

Coruna iOS Exploit Kit Compromises Thousands of iPhones | eSecurity Planet

Trust: 3.25

Fetched: March 13, 2026, 9:58 a.m., Published: March 5, 2026, 2:01 p.m.
 Vulnerabilities: code execution, privilege escalation, memory corruption
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: iphone

Ledger's Warning: Critical Firmware Flaw Threatens Mobile Crypto Security | Cryptodamus

Trust: 3.5

Fetched: March 13, 2026, 9:57 a.m., Published: March 11, 2026, 2:39 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: google model: android
vendor: essential model: phone
vendor: trend model: security

MediaTek Vulnerability: CMF Phone Security Broken in 45 Seconds

Trust: 3.0

Fetched: March 13, 2026, 9:55 a.m., Published: March 12, 2026, 5:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-20435

Apple confirms today’s iOS and iPadOS updates fix Coruna exploit - 9to5Mac

Trust: 4.25

Fetched: March 13, 2026, 9:54 a.m., Published: March 12, 2026, 12:13 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipod touch
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-41974, CVE-2023-43010, CVE-2024-23222, CVE-2023-43000

Fortinet Authentication Bypass Vulnerabilities Exploited - Léargas Security

Trust: 5.0

Fetched: March 13, 2026, 9:53 a.m., Published: March 10, 2026, 7:46 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2026-24858, CVE-2025-59718, CVE-2025-59719

CVE-2026-20013 | Tenable®

Trust: 4.25

Fetched: March 13, 2026, 9:52 a.m., Published: May 13, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: asa software
db: NVD ids: CVE-2026-20013