Sign-up

VARIoT news about IoT security

High-severity Qualcomm bug hits Android devices in targeted attacks | Malwarebytes

Trust: 5.0

Fetched: March 6, 2026, 9:12 a.m., Published: March 4, 2026, 12:33 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385

Find, secure, or erase a lost Android device - Google Account Help

Trust: 3.0

Fetched: March 6, 2026, 9:09 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Update Chrome now: Zero-day bug allows code execution via malicious webpages | Malwarebytes

Trust: 5.25

Fetched: March 4, 2026, 9:28 a.m., Published: Feb. 17, 2026, 12:33 p.m.
 Vulnerabilities: use after free, code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2026-2441

Apple Just Patched Its First Zero-Day Security Vulnerability of 2026 | Lifehacker

Trust: 5.75

Fetched: March 4, 2026, 9:27 a.m., Published: Feb. 12, 2026, 6 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: software update
vendor: apple model: iphone
db: NVD ids: CVE-2026-20700, CVE-2025-43529, CVE-2025-14174

A worrying Wi-Fi vulnerability can bypass home and office network encryption - here's how to stay safe | TechRadar

Trust: 3.0

Fetched: March 4, 2026, 9:27 a.m., Published: Feb. 27, 2026, 3:05 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

Australia Introduces Mandatory Cybersecurity Rules for Smart Devices (Effective 4 March 2026) - C-PRAV Group

Trust: 3.5

Fetched: March 4, 2026, 9:26 a.m., Published: March 4, 2026, 2:42 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Trust: 5.75

Fetched: March 4, 2026, 9:26 a.m., Published: March 3, 2026, 7:08 a.m.
 Vulnerabilities: integer overflow, privilege escalation, code execution...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385, CVE-2026-0031, CVE-2024-43859, CVE-2026-0028, CVE-2026-0030, CVE-2026-0027, CVE-2026-0047, CVE-2026-0006, CVE-2025-48631, CVE-2026-0037, CVE-2026-0038

Google Patches Critical Qualcomm Zero-Day in Latest Android Update | Nomadic Soft

Trust: 4.5

Fetched: March 4, 2026, 9:24 a.m., Published: March 4, 2026, midnight
 Vulnerabilities: integer overflow, memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385

Firewalls Are A Growing Security Problem - Eclypsium | Supply Chain Security for the Modern Enterprise

Trust: 4.5

Fetched: March 4, 2026, 9:22 a.m., Published: March 3, 2026, 6:25 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: palo model: ssl vpn
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: sophos model: firewall

Firewall Vulnerability Exploitation: Why the Edge is Fraying - Malware News - Malware Analysis, News and Indicators

Trust: 4.5

Fetched: March 4, 2026, 9:22 a.m., Published: March 3, 2026, 7:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: palo model: ssl vpn
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: sophos model: firewall

CVE-2026-1626 - Cisco SSH CBC Vulnerability

Trust: 3.0

Fetched: March 4, 2026, 9:21 a.m., Published: Feb. 27, 2026, 9:16 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-1626

Google Confirms Active Exploitation of Android Graphics Flaw - Delimiter Online

Trust: 5.0

Fetched: March 4, 2026, 9:19 a.m., Published: March 3, 2026, 6:48 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385

CVE-2026-23999 - Predictable Device Unlock PINs in Fleet Device Management Software

Trust: 3.0

Fetched: March 4, 2026, 9:18 a.m., Published: Feb. 26, 2026, 2:45 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-23999

Claude's collaboration tools allowed remote code execution • The Register

Trust: 5.75

Fetched: March 4, 2026, 9:17 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2025-59536, CVE-2026-21852

Are Smart Home Devices Safe: Every Risk and How to Neutralize It - Shield Operations

Trust: 5.25

Fetched: March 4, 2026, 9:16 a.m., Published: March 3, 2026, midnight
 Vulnerabilities: default credentials, default password
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: hikvision model: hikvision
vendor: philips model: hue bridge
vendor: philips hue model: hue bridge
vendor: google model: home
vendor: google model: pixel
vendor: google model: google home
vendor: zooz model: plug
vendor: home assistant model: home assistant
vendor: samsung model: samsung
vendor: netgear model: router
vendor: asus model: router
vendor: asus model: routers
vendor: asus model: asus
vendor: lifx model: bulb
vendor: ecobee model: smart thermostat
vendor: raspberry pi model: 3
db: NVD ids: CVE-2020-6007

Hitachi REB500 Vulnerabilities CVE-2026-2459 and CVE-2026-2460: Patch to 8.3.3.1 | Windows Forum

Trust: 3.75

Fetched: March 4, 2026, 9:15 a.m., Published: March 3, 2026, 6:10 p.m.
 Vulnerabilities: directory traversal
Affected productsExternal IDs
db: NVD ids: CVE-2026-2460, CVE-2026-2459

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability - The Network DNA: Networking, Cloud, and Security Technology Blog

Related entries in the VARIoT vulnerabilities database: VAR-202602-3258

Trust: 4.25

Fetched: March 4, 2026, 9:14 a.m., Published: Feb. 27, 2026, midnight
 Vulnerabilities: authentication bypass, denial of service
Affected productsExternal IDs
vendor: cisco model: catalyst
vendor: cisco model: vedge
vendor: cisco model: cisco sd-wan
vendor: cisco model: sd-wan vmanage
vendor: cisco model: wan manager
vendor: cisco model: sd-wan
db: NVD ids: CVE-2026-20127

CVE-2026-20127 Zero-Day Auth Bypass Exploited | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-202209-1914, VAR-202602-3258

Trust: 4.75

Fetched: March 4, 2026, 9:13 a.m., Published: Feb. 25, 2026, 6:51 p.m.
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: cisco model: catalyst
vendor: cisco model: cisco sd-wan
vendor: cisco model: sd-wan vmanage
vendor: cisco model: wan manager
vendor: cisco model: sd-wan
db: NVD ids: CVE-2022-20775, CVE-2026-20127

Google Confirms CVE-2026-21385 in Qualcomm Android Component Is Being Exploited

Trust: 5.5

Fetched: March 4, 2026, 9:12 a.m., Published: March 3, 2026, 8:57 a.m.
 Vulnerabilities: integer overflow, privilege escalation, memory corruption
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385, CVE-2026-0006

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

Trust: 6.0

Fetched: March 4, 2026, 9:12 a.m., Published: March 3, 2026, 10:03 a.m.
 Vulnerabilities: memory corruption, integer overflow, denial of service...
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-21385, CVE-2026-0031, CVE-2024-43859, CVE-2026-0028, CVE-2026-0030, CVE-2026-0027, CVE-2026-0047, CVE-2026-0006, CVE-2025-48631, CVE-2026-0037, CVE-2026-0038