Sign-up

VARIoT news about IoT security

Top 10 Best VAPT Tools in 2026

Trust: 4.5

Fetched: Jan. 16, 2026, 9:48 a.m., Published: Jan. 7, 2026, 7:20 a.m.
 Vulnerabilities: sql injection, directory traversal, cross-site scripting...
Affected productsExternal IDs
vendor: wireshark model: wireshark

CVE-2026-20973 is a vulnerability in Samsung Mobile Devices

Trust: 3.75

Fetched: Jan. 16, 2026, 9:46 a.m., Published: Jan. 9, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: samsung mobile
db: NVD ids: CVE-2026-20973

Zero-Day Attacks: Meaning, Examples, and Modern Defense Strategies | Splunk

Trust: 3.5

Fetched: Jan. 16, 2026, 9:45 a.m., Published: Jan. 7, 2026, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

Serial Port Privilege Escalation Vulnerabilities in Some Hikvision DVR Devices - Security Advisory - Hikvision Global

Trust: 5.0

Fetched: Jan. 16, 2026, 9:45 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: hikvision model: hikvision

CVE-2025-32396: Heap-based Buffer Overflow Vulnerability in RT-Labs P-Net - Ameeba Exploit Tracker

Related entries in the VARIoT vulnerabilities database: VAR-202505-1552

Trust: 4.75

Fetched: Jan. 16, 2026, 9:44 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: buffer overflow, system crash
Affected productsExternal IDs
db: NVD ids: CVE-2025-32396

WatchGuard warns critical flaw in Firebox devices facing exploitation | Cybersecurity Dive

Trust: 5.5

Fetched: Jan. 16, 2026, 9:42 a.m., Published: Dec. 23, 2025, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: watchguard model: firebox
vendor: watchguard model: fireware
vendor: watchguard model: watchguard fireware
db: NVD ids: CVE-2025-14733, CVE-2025-9242

www.cyber.gov.au

Trust: 4.25

Fetched: Jan. 16, 2026, 9:37 a.m., Published: May 16, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-14733

VU#472136 - Information Leak and DoS Vulnerabilities in Redmi Buds 3 Pro through 6 Pro

Related entries in the VARIoT vulnerabilities database: VAR-201404-0592

Trust: 5.5

Fetched: Jan. 16, 2026, 9:36 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: information leak, resource exhaustion, denial of service
Affected productsExternal IDs
vendor: xiaomi model: redmi
db: NVD ids: CVE-2014-0160, CVE-2025-13834, CVE-2025-13328

Industry Vulnerability Update: Junos OS ICMPv4 DoS issue (CVE-2026-0203) | FastNetMon Official site

Trust: 3.25

Fetched: Jan. 16, 2026, 9:35 a.m., Published: Jan. 14, 2026, 11:27 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-0203

Microsoft warns about a critical vulnerability in Windows Secure Boot - Softonic

Trust: 3.0

Fetched: Jan. 16, 2026, 9:35 a.m., Published: Jan. 15, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-21265

Güralp Systems, Rockwell Automation and YoSmart: CISA issues multiple ICS advisories, details DoS vulnerability risk in Rockwell devices used in critical manufacturing

Trust: 5.0

Fetched: Jan. 16, 2026, 9:34 a.m., Published: Jan. 13, 2026, midnight
 Vulnerabilities: sql injection, session hijacking
Affected productsExternal IDs
vendor: rockwell model: automation factorytalk
vendor: rockwell model: factorytalk
vendor: rockwell automation model: automation factorytalk
vendor: rockwell automation model: factorytalk
vendor: rockwellautomation model: automation factorytalk
vendor: rockwellautomation model: factorytalk
db: NVD ids: CVE-2025-59451, CVE-2025-12807, CVE-2025-59448, CVE-2025-59452, CVE-2025-59449, CVE-2025-9368

Security Advisory: Weekly Advisory January 7th, 2025 | CyberMaxx

Trust: 4.75

Fetched: Jan. 16, 2026, 9:34 a.m., Published: Jan. 9, 2026, noon
 Vulnerabilities: command injection, path traversal, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-59469, CVE-2025-59470, CVE-2026-21440, CVE-2026-21858, CVE-2025-55125, CVE-2026-0625, CVE-2025-59468

HPE Aruba Flaws Allow Unauthorized Access to Sensitive Data

Trust: 5.5

Fetched: Jan. 16, 2026, 9:33 a.m., Published: Jan. 15, 2026, 10:12 a.m.
 Vulnerabilities: memory corruption, information disclosure, information exposure
Affected productsExternal IDs
vendor: aruba model: instant
vendor: aruba model: aruba instant
vendor: hewlett packard model: switch series
vendor: hewlett packard model: switches
vendor: hewlett packard enterprise model: switch series
vendor: hewlett packard enterprise model: switches
vendor: blueman model: blueman
db: NVD ids: CVE-2023-52340, CVE-2025-37166, CVE-2022-48839, CVE-2025-37165

Critical 'WhisperPair' Flaw Exposes Millions of Bluetooth Earbuds to Eavesdropping and Tracking - BigGo News

Trust: 3.5

Fetched: Jan. 16, 2026, 9:32 a.m., Published: Jan. 16, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2025-36911

Warning: Authorization bypass vulnerability in Siemens Industrial Edge Devices, Patch Immediately! | CCB Safeonweb

Trust: 3.75

Fetched: Jan. 16, 2026, 9:32 a.m., Published: Jan. 14, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: scalance
vendor: siemens model: simatic ipc847e
vendor: siemens model: simatic ipc227e
vendor: siemens model: simatic ipc427e
vendor: siemens model: simatic ipc127e
vendor: siemens model: simatic
db: NVD ids: CVE-2025-40805

HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information

Trust: 5.5

Fetched: Jan. 16, 2026, 9:26 a.m., Published: Jan. 15, 2026, 9:59 a.m.
 Vulnerabilities: memory corruption, information disclosure, information exposure
Affected productsExternal IDs
vendor: aruba model: instant
vendor: aruba model: aruba instant
vendor: hewlett packard model: integrity
vendor: hewlett packard model: switch series
vendor: hewlett packard enterprise model: integrity
vendor: hewlett packard enterprise model: switch series
vendor: blueman model: blueman
db: NVD ids: CVE-2023-52340, CVE-2025-37166, CVE-2022-48839, CVE-2025-37165

CVE-2025-13455 Lenovo ThinkPlus FU100, ThinkPlus FU200, Th... CVETodo

Trust: 5.25

Fetched: Jan. 16, 2026, 9:26 a.m., Published: Jan. 14, 2026, 11:15 p.m.
 Vulnerabilities: improper validation, authentication bypass
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: lenovo model: system
db: NVD ids: CVE-2025-134551, CVE-2025-13455

HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive

Trust: 4.5

Fetched: Jan. 16, 2026, 9:25 a.m., Published: Jan. 16, 2026, 11:01 a.m.
 Vulnerabilities: information disclosure, service disruption, code execution
Affected productsExternal IDs
vendor: aruba model: instant
vendor: aruba model: aruba instant
vendor: hewlett packard model: integrity
vendor: wireshark model: wireshark
vendor: hewlett packard enterprise model: integrity
db: NVD ids: CVE-2023-52340, CVE-2025-37166, CVE-2022-48839, CVE-2025-37165

Critical Dolby Codec Vulnerability Exposes Android Devices to Code Execution Attacks

Trust: 5.75

Fetched: Jan. 16, 2026, 9:25 a.m., Published: Jan. 6, 2026, 3:29 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2025-54957

Multiple Hikvision Vulnerabilities Let Attackers Cause Device Malfunction Using Crafted Packets

Trust: 3.75

Fetched: Jan. 16, 2026, 9:23 a.m., Published: Jan. 13, 2026, 6:20 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: series
vendor: hikvision model: hikvision
db: NVD ids: CVE-2025-66176, CVE-2025-66177