VARIoT latest news about IoT security

Is your Android device secure? A new vulnerability allows hackers to steal your phone's data in just 1 minute, raising concerns among users \| NewsCrab Trust: 4.0 Fetched: March 18, 2026, 9:40 a.m., Published: March 1, 2026, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:

google

model:

android

Security Advisory - Vulnerability found in Dahua NVR/XVR device - Zhejiang Dahua Technology Co., Ltd. Trust: 3.0 Fetched: March 18, 2026, 9:36 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-31703

Ledger's Warning: Critical Firmware Flaw Threatens Mobile Crypto Security \| Cryptodamus Trust: 3.5 Fetched: March 18, 2026, 9:35 a.m., Published: March 11, 2026, 2:39 p.m.	Vulnerabilities: code injection

Affected products

External IDs

vendor:	google	model:	android
vendor:	trend	model:	security
vendor:	essential	model:	phone

Dangerous Security Flaw Affects Millions of Android Smartphones - Yahoo News UK Trust: 3.0 Fetched: March 18, 2026, 9:24 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-20435

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs Trust: 5.25 Fetched: March 17, 2026, 10:15 a.m., Published: Feb. 19, 2026, 11:54 a.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2026-1670

Product and Support News \| WatchGuard Technologies Trust: 3.0 Fetched: March 17, 2026, 10:14 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	watchguard	model:	firebox
vendor:	watchguard	model:	fireware

‎m17 R2, BIOS installer blocked, vulnerable driver amifldrv64.sys \| DELL Technologies Trust: 3.25 Fetched: March 17, 2026, 10:13 a.m., Published: March 1, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Industrial Control System Vulnerabilities Hit Record Highs - Infosecurity Magazine Trust: 3.0 Fetched: March 17, 2026, 10:04 a.m., Published: Feb. 19, 2026, 1 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

rapid

model:

scada

CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED) Trust: 5.25 Fetched: March 17, 2026, 9:48 a.m., Published: Feb. 18, 2026, midnight	Vulnerabilities: code execution, buffer overflow

Affected products

External IDs

vendor:	canary	model:	canary
vendor:	grandstream	model:	gxp1610
vendor:	grandstream	model:	gxp1628
vendor:	grandstream	model:	gxp1615
vendor:	grandstream	model:	gxp1625
vendor:	grandstream	model:	gxp1630
vendor:	grandstream	model:	gxp1620
vendor:	grandstream	model:	gxp1600

db:

NVD

ids:

CVE-2026-2329

875 Million Android Phones At Risk From 60-Second Hack Trust: 4.0 Fetched: March 17, 2026, 9:39 a.m., Published: March 16, 2026, 7:34 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

essential

model:

phone

db:

NVD

ids:

CVE-2026-20435

Qualcomm GBL Exploit Unlocks Bootloaders on Android 16 Flagships Trust: 3.25 Fetched: March 17, 2026, 9:37 a.m., Published: March 16, 2026, 9:25 a.m.	Vulnerabilities: code execution, command injection

Affected products

External IDs

vendor:	samsung	model:	galaxy
vendor:	samsung	model:	android
vendor:	samsung	model:	samsung
vendor:	xiaomi	model:	redmi
vendor:	xiaomi	model:	miui
vendor:	oneplus	model:	oneplus

Protocol guided mutation fuzzing to automatically discover vulnerability in commercial IoT devices \| Discover Internet of Things \| Springer Nature Link Trust: 5.5 Fetched: March 17, 2026, 9:34 a.m., Published: March 14, 2026, midnight	Vulnerabilities: code injection

Affected products

External IDs

vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung
vendor:	google	model:	home
vendor:	google	model:	wifi
vendor:	wireshark	model:	wireshark

db:

NVD

ids:

CVE-2024-42531, CVE-2024-41623

Android Phones Vulnerability Can Break Lock Screen in Under 60 Seconds - El-Balad.com Trust: 3.0 Fetched: March 17, 2026, 9:22 a.m., Published: March 16, 2026, 6:34 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-20435

Android Phone Vulnerability Could Allow Hackers to… Trust: 4.0 Fetched: March 17, 2026, 9:20 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2025-20435

Werkzeug Vulnerability Allows Windows Device Names Exploitation - Advisories Trust: 3.0 Fetched: March 15, 2026, 10:11 a.m., Published: March 6, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-27199

Critical Android Update: Google Patches 44 Security Holes Trust: 5.75 Fetched: March 15, 2026, 10:09 a.m., Published: March 3, 2026, 5:52 a.m.	Vulnerabilities: privilege escalation

Affected products

External IDs

vendor:	google	model:	pixel
vendor:	google	model:	android
vendor:	oneplus	model:	oneplus
vendor:	oneplus	model:	one
vendor:	samsung	model:	samsung
vendor:	samsung	model:	android
vendor:	essential	model:	phone

db:

NVD

ids:

CVE-2024-43093, CVE-2024-50302

CVE-2026-22285 - Dell Device Management Agent Plaintext Storage of Password Vulnerability Trust: 3.0 Fetched: March 15, 2026, 10:09 a.m., Published: March 4, 2026, 4:16 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2026-22285

Cisco ASA 5500-X Devices Under Attack: U.S. CISA Issues Emergency Directive - Endpoint Security Related entries in the VARIoT vulnerabilities database: VAR-201404-0573, VAR-201404-0570 Trust: 5.5 Fetched: March 15, 2026, 10:08 a.m., Published: Sept. 29, 2025, 2:08 p.m.	Vulnerabilities: denial of service, command injection, privilege escalation...

Affected products

External IDs

vendor:	cisco	model:	firepower
vendor:	cisco	model:	device manager
vendor:	cisco	model:	firepower threat defense
vendor:	cisco	model:	asdm
vendor:	cisco	model:	adaptive security device manager
vendor:	cisco	model:	adaptive security appliance
vendor:	cisco	model:	cisco adaptive security appliance
vendor:	cisco	model:	ios software
vendor:	cisco	model:	asa series
vendor:	cisco	model:	asa 5500
vendor:	cisco	model:	asa software
vendor:	cisco	model:	series
vendor:	cisco	model:	security device manager

db:

NVD

ids:

CVE-2025-20333, CVE-2025-20363, CVE-2014-2129, CVE-2025-20362, CVE-2014-2126

Detection: Cisco IOS XE Implant Access \| Splunk Security Content Trust: 3.75 Fetched: March 15, 2026, 10:04 a.m., Published: Feb. 25, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	cisco	model:	cisco ios xe
vendor:	cisco	model:	ios xe
vendor:	cisco	model:	cisco ios
vendor:	cisco	model:	ios xe software

db:

NVD

ids:

CVE-2023-20198

Pixel Update Bulletin-March 2026 \| Android Open Source Project Trust: 4.25 Fetched: March 15, 2026, 10 a.m., Published: March 15, 2026, midnight	Vulnerabilities: code execution, information disclosure, denial of service

Affected products

External IDs

vendor:	google	model:	wifi
vendor:	google	model:	pixel
vendor:	google	model:	android

db:

NVD

ids:

CVE-2025-48611, CVE-2025-36920, CVE-2026-0119, CVE-2026-0122, CVE-2026-0112, CVE-2026-0115, CVE-2026-0118, CVE-2026-0113, CVE-2026-0109, CVE-2026-0110, CVE-2026-0123, CVE-2026-0121, CVE-2026-0124, CVE-2026-0116, CVE-2026-0107, CVE-2026-0108, CVE-2026-0117, CVE-2026-0120, CVE-2026-0111, CVE-2026-0114

VARIoT news about IoT security