Sign-up

VARIoT news about IoT security

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: Jan. 16, 2026, 10:08 a.m., Published: -
 Vulnerabilities: configuration error
Affected productsExternal IDs

PoC Exploit Released for Android/Linux Kernel Vulnerability CVE-2025-38352

Trust: 4.75

Fetched: Jan. 16, 2026, 9:52 a.m., Published: Jan. 7, 2026, 2:09 p.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2025-38352

WhatsApp vulnerabilities expose user metadata, including device OS details - InfoSecBulletin

Trust: 4.75

Fetched: Jan. 16, 2026, 9:51 a.m., Published: Jan. 6, 2026, 9:32 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: node.js model: node.js
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: google model: android
vendor: google model: chrome
db: NVD ids: CVE-2025-8110, CVE-2026-0227

React2Shell exploitation continues to escalate, posing 'significant risk' | TechRadar

Trust: 3.75

Fetched: Jan. 16, 2026, 9:51 a.m., Published: Dec. 19, 2025, 8:50 p.m.
 Vulnerabilities: authentication bug
Affected productsExternal IDs
db: NVD ids: CVE-2025-55182

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

Trust: 5.5

Fetched: Jan. 16, 2026, 9:50 a.m., Published: Dec. 30, 2025, 4:28 p.m.
 Vulnerabilities: path traversal, code execution
Affected productsExternal IDs
vendor: clamav model: clamav
db: NVD ids: CVE-2025-52691

Security Now | A Podcast Covering Hot Topics in Tech Security | TWiT

Trust: 3.75

Fetched: Jan. 16, 2026, 9:50 a.m., Published: Jan. 20, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: chrome
vendor: google model: wifi
vendor: apple model: safari

Multiple Hikvision Vulnerabilities Let Attackers Cause Device Malfunction

Trust: 4.5

Fetched: Jan. 16, 2026, 9:49 a.m., Published: Jan. 13, 2026, 12:51 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: hikvision model: hikvision
vendor: wireshark model: wireshark
db: NVD ids: CVE-2025-66176, CVE-2025-66177

Critical-rated WatchGuard Firebox flaw under active attack • The Register

Trust: 4.75

Fetched: Jan. 16, 2026, 9:49 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: watchguard model: fireware
vendor: watchguard model: watchguard fireware
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-32978, CVE-2025-9242, CVE-2022-26318

Top 10 Best VAPT Tools in 2026

Trust: 4.5

Fetched: Jan. 16, 2026, 9:48 a.m., Published: Jan. 7, 2026, 7:20 a.m.
 Vulnerabilities: sql injection, directory traversal, cross-site scripting...
Affected productsExternal IDs
vendor: wireshark model: wireshark

CVE-2026-20973 is a vulnerability in Samsung Mobile Devices

Trust: 3.75

Fetched: Jan. 16, 2026, 9:46 a.m., Published: Jan. 9, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: samsung mobile
db: NVD ids: CVE-2026-20973

Zero-Day Attacks: Meaning, Examples, and Modern Defense Strategies | Splunk

Trust: 3.5

Fetched: Jan. 16, 2026, 9:45 a.m., Published: Jan. 7, 2026, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

Serial Port Privilege Escalation Vulnerabilities in Some Hikvision DVR Devices - Security Advisory - Hikvision Global

Trust: 5.0

Fetched: Jan. 16, 2026, 9:45 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: hikvision model: hikvision

CVE-2025-32396: Heap-based Buffer Overflow Vulnerability in RT-Labs P-Net - Ameeba Exploit Tracker

Related entries in the VARIoT vulnerabilities database: VAR-202505-1552

Trust: 4.75

Fetched: Jan. 16, 2026, 9:44 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: buffer overflow, system crash
Affected productsExternal IDs
db: NVD ids: CVE-2025-32396

WatchGuard warns critical flaw in Firebox devices facing exploitation | Cybersecurity Dive

Trust: 5.5

Fetched: Jan. 16, 2026, 9:42 a.m., Published: Dec. 23, 2025, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: watchguard model: firebox
vendor: watchguard model: fireware
vendor: watchguard model: watchguard fireware
db: NVD ids: CVE-2025-14733, CVE-2025-9242

www.cyber.gov.au

Trust: 4.25

Fetched: Jan. 16, 2026, 9:37 a.m., Published: May 16, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: watchguard model: firebox
db: NVD ids: CVE-2025-14733

VU#472136 - Information Leak and DoS Vulnerabilities in Redmi Buds 3 Pro through 6 Pro

Related entries in the VARIoT vulnerabilities database: VAR-201404-0592

Trust: 5.5

Fetched: Jan. 16, 2026, 9:36 a.m., Published: Jan. 3, 2026, midnight
 Vulnerabilities: information leak, resource exhaustion, denial of service
Affected productsExternal IDs
vendor: xiaomi model: redmi
db: NVD ids: CVE-2014-0160, CVE-2025-13834, CVE-2025-13328

Industry Vulnerability Update: Junos OS ICMPv4 DoS issue (CVE-2026-0203) | FastNetMon Official site

Trust: 3.25

Fetched: Jan. 16, 2026, 9:35 a.m., Published: Jan. 14, 2026, 11:27 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-0203

Microsoft warns about a critical vulnerability in Windows Secure Boot - Softonic

Trust: 3.0

Fetched: Jan. 16, 2026, 9:35 a.m., Published: Jan. 15, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-21265

Güralp Systems, Rockwell Automation and YoSmart: CISA issues multiple ICS advisories, details DoS vulnerability risk in Rockwell devices used in critical manufacturing

Trust: 5.0

Fetched: Jan. 16, 2026, 9:34 a.m., Published: Jan. 13, 2026, midnight
 Vulnerabilities: sql injection, session hijacking
Affected productsExternal IDs
vendor: rockwell model: automation factorytalk
vendor: rockwell model: factorytalk
vendor: rockwell automation model: automation factorytalk
vendor: rockwell automation model: factorytalk
vendor: rockwellautomation model: automation factorytalk
vendor: rockwellautomation model: factorytalk
db: NVD ids: CVE-2025-59451, CVE-2025-12807, CVE-2025-59448, CVE-2025-59452, CVE-2025-59449, CVE-2025-9368

Security Advisory: Weekly Advisory January 7th, 2025 | CyberMaxx

Trust: 4.75

Fetched: Jan. 16, 2026, 9:34 a.m., Published: Jan. 9, 2026, noon
 Vulnerabilities: command injection, path traversal, code execution...
Affected productsExternal IDs
db: NVD ids: CVE-2025-59469, CVE-2025-59470, CVE-2026-21440, CVE-2026-21858, CVE-2025-55125, CVE-2026-0625, CVE-2025-59468