Sign-up

VARIoT news about IoT security

Active exploitation of Cisco Catalyst SD-WAN by UAT-8616

Related entries in the VARIoT vulnerabilities database: VAR-202209-1914

Trust: 4.5

Fetched: Feb. 27, 2026, 9:34 a.m., Published: Feb. 25, 2026, 4:13 p.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
vendor: cisco model: sd-wan
vendor: cisco model: catalyst
vendor: cisco model: vedge
vendor: trend model: security
vendor: snort model: snort
db: NVD ids: CVE-2026-20127, CVE-2022-20775

Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability

Trust: 4.0

Fetched: Feb. 27, 2026, 9:33 a.m., Published: Feb. 25, 2026, 3:59 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco application policy infrastructure controller
vendor: cisco model: mds 9000
vendor: cisco model: series switches
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus
vendor: cisco model: nexus 9000
vendor: cisco model: firepower 9300
vendor: cisco model: cisco nexus 9000 series
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: application policy infrastructure controller
vendor: cisco model: firepower 2100
vendor: cisco model: nexus 3000
vendor: cisco model: firepower
vendor: cisco model: nexus 7000
vendor: cisco model: mds 9000 series

Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability

Trust: 5.0

Fetched: Feb. 27, 2026, 9:33 a.m., Published: Feb. 25, 2026, 3:59 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: nx-os software
vendor: cisco model: series switches
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus
vendor: cisco model: nexus 9000
vendor: cisco model: cisco nexus 9000 series
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: nexus 3000
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus 7000

CVE-2026-20127 - Cisco Catalyst Zero-Day Vulnerability | eSentire

Related entries in the VARIoT vulnerabilities database: VAR-202209-1914

Trust: 5.0

Fetched: Feb. 27, 2026, 9:32 a.m., Published: Feb. 25, 2026, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: threat response
vendor: cisco model: sd-wan vmanage
vendor: cisco model: sd-wan
vendor: cisco model: wan manager
vendor: cisco model: routers
vendor: cisco model: cisco sd-wan
vendor: cisco model: catalyst
db: NVD ids: CVE-2026-20127, CVE-2022-20775

CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild - Security Boulevard

Trust: 5.0

Fetched: Feb. 27, 2026, 9:32 a.m., Published: Feb. 25, 2026, 6:51 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: cisco model: sd-wan
vendor: cisco model: catalyst
db: NVD ids: CVE-2026-20127

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

Trust: 3.25

Fetched: Feb. 27, 2026, 9:29 a.m., Published: Feb. 27, 2026, 12:41 a.m.
 Vulnerabilities: default administrator password, authentication bypass
Affected productsExternal IDs
vendor: cisco model: sd-wan solution
vendor: cisco model: technical support
vendor: cisco model: sd-wan vmanage
vendor: cisco model: sd-wan
vendor: cisco model: wan manager
vendor: cisco model: ios xe
vendor: cisco model: cisco sd-wan
vendor: cisco model: vedge
vendor: cisco model: catalyst
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios

Use navigation in Google Maps - Android - Google Maps Help

Trust: 3.0

Fetched: Feb. 27, 2026, 9:21 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Update Google Maps - Android - Google Maps Help

Trust: 3.5

Fetched: Feb. 27, 2026, 9:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Get started with Google Maps - Android - Google Maps Help

Trust: 3.0

Fetched: Feb. 27, 2026, 9:19 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Download the YouTube mobile app - Android - YouTube Help

Trust: 3.25

Fetched: Feb. 27, 2026, 9:14 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

CVE-2026-23678 Binardat Ltd. 10G08-0800GSM Network Switch CVETodo

Trust: 4.75

Fetched: Feb. 25, 2026, 10:01 a.m., Published: -
 Vulnerabilities: command injection, command execution, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2026-23678

Dell 0-Day Vulnerability Exploited by Chinese Hackers since mid-2024 to Deploy Malware

Trust: 4.5

Fetched: Feb. 25, 2026, 9:53 a.m., Published: Feb. 18, 2026, 3:34 a.m.
 Vulnerabilities: command execution, configuration flaw, default credentials
Affected productsExternal IDs
vendor: google model: nexus
vendor: google model: home
db: NVD ids: CVE-2026-22769, CVE-2026-2276910

Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340)

Trust: 3.5

Fetched: Feb. 25, 2026, 9:52 a.m., Published: Jan. 30, 2026, 4:15 p.m.
 Vulnerabilities: command execution, code injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-1340, CVE-2026-1281

VulScan-LT: A Lightweight Transformer-Based Software Vulnerability Scanning Tool for Resource-Constrained Edge Devices | Springer Nature Link

Trust: 3.75

Fetched: Feb. 25, 2026, 9:51 a.m., Published: Feb. 25, 2026, midnight
 Vulnerabilities: -

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Trust: 3.0

Fetched: Feb. 25, 2026, 9:50 a.m., Published: Feb. 3, 2026, 2 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-11953

Secure Access: The Persistent Vulnerability | DigitrendZ

Trust: 3.0

Fetched: Feb. 25, 2026, 9:49 a.m., Published: Feb. 25, 2026, 9:32 a.m.
 Vulnerabilities: session hijacking
Affected productsExternal IDs

Critical Vulnerabilities in Jinan USR IOT Technology Limited's USR-W610 Expose Industrial Systems

Trust: 4.0

Fetched: Feb. 25, 2026, 9:49 a.m., Published: Feb. 25, 2026, midnight
 Vulnerabilities: weak password, authentication bypass
Affected productsExternal IDs

iOS Zero-Day Vulnerability Exploit Discovered | Enigma Security posted on the topic | LinkedIn

Trust: 4.0

Fetched: Feb. 25, 2026, 9:48 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: webkit
db: NVD ids: CVE-2024-23296, CVE-2024-23225, CVE-2024-23222

AI-driven hacking campaign breaches 600+ Fortinet devices

Trust: 4.25

Fetched: Feb. 25, 2026, 9:46 a.m., Published: Feb. 23, 2026, 12:51 a.m.
 Vulnerabilities: information manipulation, cross-site scripting, code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: barracuda model: running
vendor: barracuda model: barracuda
vendor: canary model: canary
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: trend model: security
db: NVD ids: CVE-2025-29969

Apple Security Patch: CVE-2026-20700 Threat Advisory | Citanex

Trust: 5.25

Fetched: Feb. 25, 2026, 9:45 a.m., Published: Feb. 25, 2026, 4:16 a.m.
 Vulnerabilities: memory corruption, data access vulnerability, information disclosure...
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: tvos
vendor: apple model: watch
vendor: apple model: iphone
vendor: apple model: macos
vendor: essential model: phone
db: NVD ids: CVE-2026-20682, CVE-2026-20678, CVE-2026-20661, CVE-2026-20700