VARIoT news about IoT security

Trust: 4.25

Fetched: Feb. 27, 2026, 9:47 a.m., Published: Feb. 5, 2026, 5:03 p.m.
Vulnerabilities: privilege escalation, code execution, command injection
Affected productsExternal IDs
vendor: cisco model: personal assistant
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo model: networks
vendor: palo model: firewall
db: NVD ids: CVE-2026-24763, CVE-2026-25157, CVE-2026-22708, CVE-2026-25253

Trust: 4.75

Fetched: Feb. 27, 2026, 9:46 a.m., Published: Feb. 25, 2026, midnight
Vulnerabilities: command execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-13942, CVE-2025-13943, CVE-2026-1459

Trust: 3.25

Fetched: Feb. 27, 2026, 9:45 a.m., Published: Feb. 26, 2026, 6:08 a.m.
Vulnerabilities: authentication flaw, default credentials
Affected productsExternal IDs

Trust: 4.0

Fetched: Feb. 27, 2026, 9:45 a.m., Published: Jan. 27, 8063, midnight
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Trust: 4.75

Fetched: Feb. 27, 2026, 9:44 a.m., Published: Feb. 3, 2026, midnight
Vulnerabilities: command execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-13942, CVE-2025-13943, CVE-2026-1459

Trust: 5.0

Fetched: Feb. 27, 2026, 9:43 a.m., Published: Feb. 23, 2026, 1:42 p.m.
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: grandstream model: gxp1600

Trust: 3.25

Fetched: Feb. 27, 2026, 9:42 a.m., Published: Feb. 27, 2026, 7:19 a.m.
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-21902

Trust: 5.0

Fetched: Feb. 27, 2026, 9:42 a.m., Published: Feb. 26, 2026, 11:08 p.m.
Vulnerabilities: command execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-13942, CVE-2024-40892, CVE-2025-13943, CVE-2026-1459, CVE-2024-40891

Trust: 4.0

Fetched: Feb. 27, 2026, 9:42 a.m., Published: Feb. 27, 2026, 2:16 a.m.
Vulnerabilities: os command injection, code execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-20764

Trust: 5.0

Fetched: Feb. 27, 2026, 9:41 a.m., Published: Feb. 25, 2026, 3:59 p.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: nx-os software
vendor: cisco model: mds 9000
vendor: cisco model: series switches
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus
vendor: cisco model: nexus 9000
vendor: cisco model: firepower 9300
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: firepower 2100
vendor: cisco model: nexus 3000
vendor: cisco model: firepower
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus 7000
vendor: cisco model: mds 9000 series

Trust: 4.0

Fetched: Feb. 27, 2026, 9:41 a.m., Published: Feb. 25, 2026, 3:59 p.m.
Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco ucs manager
vendor: cisco model: ucs manager
vendor: cisco model: series

Trust: 6.75

Fetched: Feb. 27, 2026, 9:40 a.m., Published: Feb. 25, 2026, 5:25 p.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: nx-os software
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus 3000
vendor: cisco model: series switches
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: link layer discovery protocol
vendor: cisco model: nexus
db: NVD ids: CVE-2026-20010

Trust: 4.25

Fetched: Feb. 27, 2026, 9:40 a.m., Published: Feb. 27, 2026, 8:55 a.m.
Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-21902

Trust: 3.0

Fetched: Feb. 27, 2026, 9:39 a.m., Published: Feb. 26, 2026, 10:22 p.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: sd-wan
vendor: cisco model: cisco sd-wan

Trust: 5.75

Fetched: Feb. 27, 2026, 9:38 a.m., Published: Feb. 25, 2026, 5:25 p.m.
Vulnerabilities: denial of service, kernel panic
Affected productsExternal IDs
vendor: cisco model: nx-os software
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus 9000
vendor: cisco model: nexus 9000 series
vendor: cisco model: cisco nexus 9000 series
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: nexus
db: NVD ids: CVE-2026-20048

Trust: 4.0

Fetched: Feb. 27, 2026, 9:37 a.m., Published: Feb. 25, 2026, 3:59 p.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: nx-os software
vendor: cisco model: mds 9000
vendor: cisco model: series switches
vendor: cisco model: ucs manager
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus
vendor: cisco model: nexus 9000
vendor: cisco model: firepower 9300
vendor: cisco model: cisco ucs manager
vendor: cisco model: cisco nexus 9000 series
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: firepower 2100
vendor: cisco model: nexus 3000
vendor: cisco model: link layer discovery protocol
vendor: cisco model: firepower
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus 7000
vendor: cisco model: mds 9000 series

Trust: 5.0

Fetched: Feb. 27, 2026, 9:37 a.m., Published: Feb. 25, 2026, 3:59 p.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco application policy infrastructure controller
vendor: cisco model: application policy infrastructure controller

Trust: 5.0

Fetched: Feb. 27, 2026, 9:36 a.m., Published: Feb. 25, 2026, 8:28 p.m.
Vulnerabilities: command execution, code execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-13942, CVE-2025-11848, CVE-2025-11846, CVE-2025-11847, CVE-2025-11845, CVE-2025-13943, CVE-2026-1459
Related entries in the VARIoT vulnerabilities database: VAR-201205-0305

Trust: 6.25

Fetched: Feb. 27, 2026, 9:35 a.m., Published: Feb. 26, 2026, midnight
Vulnerabilities: path traversal, command injection, parameter injection...
Affected productsExternal IDs
vendor: polycom model: vvx 500
vendor: yealink model: voip phone
vendor: filezilla model: server
vendor: axis model: axis
vendor: axis model: ip cameras
vendor: d-link model: router
vendor: netgear model: router
vendor: huawei model: nice
vendor: huawei model: huawei
db: NVD ids: CVE-2012-1823, CVE-2018-7600, CVE-2018-20062

Trust: 4.0

Fetched: Feb. 27, 2026, 9:34 a.m., Published: Feb. 25, 2026, 3:59 p.m.
Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: cisco ucs manager
vendor: cisco model: ucs manager
vendor: cisco model: series