Sign-up

VARIoT news about IoT security

CVE-2026-20118 | Tenable®

Trust: 5.0

Fetched: March 15, 2026, 9:26 a.m., Published: March 15, 5500, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xr software
vendor: cisco model: cisco ios xr
vendor: cisco model: routers
vendor: cisco model: series
vendor: cisco model: cisco ios
vendor: cisco model: network convergence system
vendor: cisco model: ios xr
db: NVD ids: CVE-2026-20118

PT SWARM - Positive Technologies Offensive Team

Trust: 4.0

Fetched: March 13, 2026, 10:16 a.m., Published: March 10, 2026, midnight
 Vulnerabilities: request forgery, denial of service
Affected productsExternal IDs

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: March 13, 2026, 10:13 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

CISA Warns Qualcomm Chipsets Memory Corruption Vulnerability Is Actively Exploited in Attacks

Trust: 6.0

Fetched: March 13, 2026, 10:12 a.m., Published: March 4, 2026, 12:59 p.m.
 Vulnerabilities: integer overflow, memory corruption, improper validation...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385

SSA-126399

Trust: 4.25

Fetched: March 13, 2026, 10:06 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: improper access control
Affected productsExternal IDs
db: NVD ids: CVE-2025-27769

Android Zero Day, Cisco Firewall Root Access Flaw, and the Coruna iPhone Exploit Chain

Trust: 4.5

Fetched: March 13, 2026, 10:05 a.m., Published: March 3, 2026, midnight
 Vulnerabilities: code execution, integer overflow, privilege escalation...
Affected productsExternal IDs
vendor: hikvision model: hikvision
vendor: google model: android
db: NVD ids: CVE-2026-3102, CVE-2026-21385

SecureBoot Bypass Vulnerability in Insyde H2O - UEFI Firmware Threat - UBOS

Trust: 3.5

Fetched: March 13, 2026, 10:04 a.m., Published: Feb. 26, 2026, 11:48 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: lenovo model: bios
vendor: lenovo model: system
vendor: dell model: bios

Ceragon Siklu MultiHaul and EtherHaul Vulnerability (CVE-2025-57176)

Trust: 4.0

Fetched: March 13, 2026, 10:03 a.m., Published: March 13, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siklu model: etherhaul
db: NVD ids: CVE-2025-57176

Get Root Privileges on Xiaomi Without Bootloader Unlocking! - DroidWin

Trust: 4.75

Fetched: March 13, 2026, 10:01 a.m., Published: March 10, 2026, 10:08 a.m.
 Vulnerabilities: parameter injection
Affected productsExternal IDs
vendor: xiaomi model: miui

iOS 16.7.15 Released for Older iPhones: Security Fix You Should Instal

Trust: 3.0

Fetched: March 13, 2026, 9:58 a.m., Published: July 16, 2015, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: software update
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad

Coruna iOS Exploit Kit Compromises Thousands of iPhones | eSecurity Planet

Trust: 3.25

Fetched: March 13, 2026, 9:58 a.m., Published: March 5, 2026, 2:01 p.m.
 Vulnerabilities: code execution, privilege escalation, memory corruption
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: iphone

MediaTek Vulnerability: CMF Phone Security Broken in 45 Seconds

Trust: 3.0

Fetched: March 13, 2026, 9:55 a.m., Published: March 12, 2026, 5:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-20435

Apple confirms today’s iOS and iPadOS updates fix Coruna exploit - 9to5Mac

Trust: 4.25

Fetched: March 13, 2026, 9:54 a.m., Published: March 12, 2026, 12:13 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: ipod touch
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-41974, CVE-2023-43010, CVE-2024-23222, CVE-2023-43000

Fortinet Authentication Bypass Vulnerabilities Exploited - Léargas Security

Trust: 5.0

Fetched: March 13, 2026, 9:53 a.m., Published: March 10, 2026, 7:46 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2026-24858, CVE-2025-59718, CVE-2025-59719

CVE-2026-24295: Patch Windows Device Association Service Local Privilege Escalation | Windows Forum

Trust: 4.5

Fetched: March 13, 2026, 9:46 a.m., Published: March 10, 2026, 6:54 p.m.
 Vulnerabilities: code execution, privilege escalation, memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2026-24295

Microsoft: Microsoft Authenticator could leak login codes-update your app now

Trust: 3.75

Fetched: March 13, 2026, 9:31 a.m., Published: March 12, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-26123

MediaTek Security Flaw Threatens Data on Millions of Android Devices - FilmoGaz

Trust: 3.75

Fetched: March 13, 2026, 9:30 a.m., Published: March 12, 2026, 8:03 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: android
vendor: samsung model: samsung
vendor: oneplus model: oneplus
db: NVD ids: CVE-2026-20435

CVE-2026-28472: CVE-2026-28472: Device Identity Verification Bypass in OpenClaw Gateway WebSocket Handshake | CVEReports

Trust: 3.25

Fetched: March 13, 2026, 9:30 a.m., Published: March 5, 2026, 9:59 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-28472

Vulnerability found: SSH Prefix Truncation Vulnerability (Terrapin)

Trust: 3.0

Fetched: March 11, 2026, 9:57 a.m., Published: Aug. 2, 2007, midnight
 Vulnerabilities: os command injection, code execution, command injection...
Affected productsExternal IDs
db: NVD ids: CVE-2025-26465, CVE-2025-61984, CVE-2023-51385, CVE-2023-38408, CVE-2023-51384, CVE-2023-48795

CVE-2025-58107: Microsoft Exchange EAS Vulnerability Exposes Sensitive Samsung Device Data - NS Toolkit

Trust: 3.75

Fetched: March 11, 2026, 9:56 a.m., Published: March 3, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: samsung mobile
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: mobile devices
db: NVD ids: CVE-2025-58107