Sign-up

VARIoT news about IoT security

PoC Released for Windows Vulnerability That Allows Attackers to Cause Unrecoverable BSOD Crashes

Trust: 3.5

Fetched: March 1, 2026, 9:29 a.m., Published: Feb. 26, 2026, 8:52 a.m.
 Vulnerabilities: system crash, kernel panic
Affected productsExternal IDs
db: NVD ids: CVE-2026-2636, CVE-2022-37969, CVE-2023-28252, CVE-2025-29824, CVE-2024-6768

About the security content of iOS 26.3 and iPadOS 26.3 - Apple Support

Trust: 5.25

Fetched: March 1, 2026, 9:28 a.m., Published: March 26, 2026, midnight
 Vulnerabilities: process crash, bounds access issue, authorization issue...
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: iphone
vendor: apple model: ipad air
db: NVD ids: CVE-2026-20661, CVE-2026-20660, CVE-2026-20609, CVE-2026-20649, CVE-2026-20671, CVE-2026-20674, CVE-2026-20617, CVE-2026-20655, CVE-2026-20663, CVE-2026-20700, CVE-2026-20627, CVE-2026-20641, CVE-2026-20635, CVE-2026-20667, CVE-2026-20650, CVE-2025-59375, CVE-2026-20676, CVE-2026-20675, CVE-2026-20677, CVE-2026-20611, CVE-2026-20606, CVE-2026-20628, CVE-2026-20615, CVE-2025-43529, CVE-2026-20678, CVE-2026-20638, CVE-2026-20654, CVE-2026-20653, CVE-2026-20634, CVE-2026-20640, CVE-2026-20608, CVE-2026-20652, CVE-2026-20645, CVE-2026-20626, CVE-2026-20644, CVE-2026-20680, CVE-2026-20621, CVE-2026-20642, CVE-2026-20636, CVE-2026-20682, CVE-2025-14174

Cisco Warns Of Three Year Exploitation Of Critical 10.0 Bug In Catalyst SD WAN Devices

Trust: 3.0

Fetched: March 1, 2026, 9:27 a.m., Published: Feb. 27, 2026, 3 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: catalyst

Cisco Catalyst SD-WAN Vulnerabilities

Trust: 5.25

Fetched: March 1, 2026, 9:27 a.m., Published: Feb. 25, 2026, 3:59 p.m.
 Vulnerabilities: information disclosure, authentication bypass, file overwrite vulnerability...
Affected productsExternal IDs
vendor: cisco model: sd-wan
vendor: cisco model: wan manager
vendor: cisco model: catalyst
db: NVD ids: CVE-2026-20128, CVE-2026-20129, CVE-2026-20122, CVE-2026-20126, CVE-2026-20133

Update Canonical Ubuntu Server: USN-8063-1: Protocol Buffers vulnerability

Trust: 4.0

Fetched: March 1, 2026, 9:26 a.m., Published: Jan. 1, 8063, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

CVE-2026-1627 - Cisco SSH Weak MAC Algorithm Vulnerability

Trust: 3.0

Fetched: March 1, 2026, 9:25 a.m., Published: Feb. 27, 2026, 9:16 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-1627

Juniper issues emergency patch for critical PTX router RCE

Trust: 4.25

Fetched: March 1, 2026, 9:25 a.m., Published: Feb. 27, 2026, 11:40 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-21902

Enhancing IoT Security: Addressing Vulnerabilities and Frameworks by Teddy Jindal on Prezi

Trust: 3.0

Fetched: March 1, 2026, 9:24 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs

CVE-2026-20107 | TenableĀ®

Trust: 6.0

Fetched: March 1, 2026, 9:23 a.m., Published: Feb. 25, 2026, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco application policy infrastructure controller
vendor: cisco model: application policy infrastructure controller
db: NVD ids: CVE-2026-20107

Juniper Networks PTX Vulnerability Allows Full Router Takeover, Exposing Networks

Trust: 3.25

Fetched: March 1, 2026, 9:23 a.m., Published: Feb. 27, 2026, 5:33 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-21902

CVE-2026-27751: CVE-2026-27751: Hardcoded Default Credentials in SODOLA SL902-SWTGW124AS | CVEReports

Trust: 5.0

Fetched: March 1, 2026, 9:23 a.m., Published: Feb. 27, 2026, 6:07 p.m.
 Vulnerabilities: default credentials, default configuration file
Affected productsExternal IDs
db: NVD ids: CVE-2026-27751

CVE-2026-27752: CVE-2026-27752: Cleartext Credential Exposure in SODOLA SL902-SWTGW124AS Switches | CVEReports

Trust: 3.25

Fetched: March 1, 2026, 9:22 a.m., Published: Feb. 27, 2026, 6:08 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-27752

CVE-2026-27465 - Exposed Google Calendar Credentials in Fleet API - Analysis, PoC, and Fix

Trust: 3.75

Fetched: March 1, 2026, 9:21 a.m., Published: Feb. 26, 2026, 2:54 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2026-27465

CVE-2026-20033 - Cisco NX-OS Software Denial of Service Vulnerability

Trust: 6.0

Fetched: March 1, 2026, 9:15 a.m., Published: Feb. 25, 2026, 5:25 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: nexus 9000
vendor: cisco model: cisco nx-os
vendor: cisco model: cisco nexus 9000 series
vendor: cisco model: series
vendor: cisco model: nx-os
vendor: cisco model: nx-os software
vendor: cisco model: nexus
vendor: cisco model: nexus 9000 series
db: NVD ids: CVE-2026-20033

Device Vulnerability Management Market: Competitive Landscape & Market Positioning

Trust: 3.5

Fetched: March 1, 2026, 9:11 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: trend model: security
vendor: cisco model: threat response
vendor: palo model: networks

Download the YouTube mobile app - Android - YouTube Help

Trust: 3.25

Fetched: March 1, 2026, 9:09 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Grandstream GXP1600 VoIP Phones Face Critical RCE Vulnerability

Trust: 5.5

Fetched: Feb. 27, 2026, 10:10 a.m., Published: Feb. 23, 2026, 4:51 a.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: grandstream model: gxp1600
vendor: grandstream model: gxp1610
db: NVD ids: CVE-2026-2329

CVE-2026-20910 - Copeland XWEB and XWEB Pro OS Command Injection

Trust: 4.0

Fetched: Feb. 27, 2026, 10:09 a.m., Published: Feb. 27, 2026, 1:16 a.m.
 Vulnerabilities: os command injection, code execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-20910

Zyxel announces RCE patches for numerous network devices | Healthcare IT News

Related entries in the VARIoT vulnerabilities database: VAR-201704-1556

Trust: 3.75

Fetched: Feb. 27, 2026, 10:08 a.m., Published: Feb. 25, 2026, 11:16 a.m.
 Vulnerabilities: pointer dereference vulnerability, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-11848, CVE-2025-13942, CVE-2025-11846, CVE-2025-11847, CVE-2025-11845, CVE-2025-13943, CVE-2026-1459, CVE-2017-6884

Governments issue warning over Cisco zero-day attacks dating back to 2023 | CyberScoop

Related entries in the VARIoT vulnerabilities database: VAR-202209-1914

Trust: 3.75

Fetched: Feb. 27, 2026, 10:08 a.m., Published: Feb. 25, 2026, 11:51 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: sd-wan
vendor: cisco model: series
vendor: cisco model: cisco sd-wan
vendor: trend model: security
db: NVD ids: CVE-2026-20127, CVE-2022-20775