Sign-up

VARIoT news about IoT security

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review

Related entries in the VARIoT vulnerabilities database: VAR-202304-2073

Trust: 5.5

Fetched: Feb. 3, 2026, 9:56 a.m., Published: Jan. 28, 2026, 8:42 a.m.
 Vulnerabilities: command injection, authentication bypass, code execution
Affected productsExternal IDs
vendor: citrix model: netscaler gateway
vendor: citrix model: gateway
vendor: citrix model: netscaler
vendor: citrix model: application delivery controller
vendor: google model: chrome
db: NVD ids: CVE-2023-3519, CVE-2026-24858, CVE-2025-59719, CVE-2023-28771, CVE-2025-59718, CVE-2023-23397

Fortinet Confirms Critical FortiCloud SSO Vulnerability(CVE-2026-24858) Actively Exploited in the Wild

Trust: 4.75

Fetched: Feb. 3, 2026, 9:56 a.m., Published: Jan. 28, 2026, 10:18 a.m.
 Vulnerabilities: improper access control, authentication bypass, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2026-24858

TP-Link Archer MR600 Router Vulnerability Enables Full Device Control - Advisories

Trust: 5.0

Fetched: Feb. 3, 2026, 9:56 a.m., Published: Feb. 2, 2026, 9:27 a.m.
 Vulnerabilities: command injection, service disruption
Affected productsExternal IDs
db: NVD ids: CVE-2025-14756

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review

Related entries in the VARIoT vulnerabilities database: VAR-201902-0454, VAR-201902-0427

Trust: 5.5

Fetched: Feb. 3, 2026, 9:55 a.m., Published: Jan. 28, 2026, 8:42 a.m.
 Vulnerabilities: path traversal, authentication bypass, code execution...
Affected productsExternal IDs
vendor: check point model: check point
vendor: check point software technologies model: check point
vendor: cisco model: rv215w wireless-n vpn router
vendor: cisco model: rv130w wireless-n multifunction vpn router
vendor: cisco model: rv110w wireless-n vpn firewall
vendor: cisco model: rv110w wireless-n vpn
vendor: cisco model: router
vendor: cisco model: routers
vendor: cisco model: rv110w
vendor: cisco model: cisco rv215w wireless-n vpn router
vendor: cisco model: cisco rv110w wireless-n vpn firewall
vendor: cisco model: cisco rv110w
vendor: cisco model: rv215w
vendor: cisco model: rv215w wireless-n vpn
vendor: cisco model: rv130w
db: NVD ids: CVE-2026-24858, CVE-2019-1688, CVE-2025-59719, CVE-2025-59718, CVE-2019-1663

Update Canonical Ubuntu Server: USN-7992-1: Inetutils vulnerability

Trust: 3.25

Fetched: Feb. 3, 2026, 9:54 a.m., Published: Jan. 3, 7992, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Apple's Unprecedented Security Update for Decade-Old iPhones Signals Shift in Legacy Device Support Strategy

Trust: 3.5

Fetched: Feb. 3, 2026, 9:53 a.m., Published: Feb. 1, 2026, 1:10 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: iphone
vendor: apple model: webkit
db: NVD ids: CVE-2025-24200, CVE-2025-24201

Critical Flaws in KiloView Devices Enable Complete Admin Takeover

Trust: 4.0

Fetched: Feb. 3, 2026, 9:53 a.m., Published: Feb. 3, 2026, 5:09 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2026-1453, CVE-2026-14539

Hikvision Wireless Access Points Vulnerability Enables Malicious Command

Trust: 5.5

Fetched: Feb. 3, 2026, 9:52 a.m., Published: Feb. 3, 2026, 1:43 p.m.
 Vulnerabilities: default credentials, command execution, denial of service...
Affected productsExternal IDs
vendor: hikvision model: hikvision
db: NVD ids: CVE-2026-0709

Cyber security alert issued by Indian Govt for Apple, mac and chrome users - Full details inside

Trust: 4.5

Fetched: Feb. 3, 2026, 9:52 a.m., Published: Feb. 1, 2026, 10:14 a.m.
 Vulnerabilities: privilege escalation, information disclosure, denial of service...
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
vendor: google model: home
vendor: apple model: ipad
vendor: apple model: tvos
vendor: apple model: watch
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: watchos
vendor: apple model: webkit
vendor: apple model: macos

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review

Trust: 5.5

Fetched: Feb. 3, 2026, 9:52 a.m., Published: Jan. 28, 2026, 8:42 a.m.
 Vulnerabilities: path traversal, authentication bypass, certificate validation vulnerability
Affected productsExternal IDs
vendor: sonicwall model: sma100
vendor: sonicwall model: netextender
vendor: apple model: safari
db: NVD ids: CVE-2026-24858, CVE-2024-29014, CVE-2025-59719, CVE-2025-59718, CVE-2024-48865, CVE-2024-11667

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review

Trust: 5.5

Fetched: Feb. 3, 2026, 9:51 a.m., Published: Jan. 28, 2026, 8:42 a.m.
 Vulnerabilities: authentication bypass, command execution
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
db: NVD ids: CVE-2024-0012, CVE-2026-24858, CVE-2025-59719, CVE-2024-43451, CVE-2025-59718, CVE-2024-9474

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review

Trust: 5.75

Fetched: Feb. 3, 2026, 9:51 a.m., Published: Jan. 28, 2026, 8:42 a.m.
 Vulnerabilities: authentication flaw, authentication bypass, feature bypass...
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2024-37079, CVE-2026-24858, CVE-2025-59719, CVE-2026-21509, CVE-2025-59718

Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released

Trust: 3.5

Fetched: Feb. 3, 2026, 9:50 a.m., Published: Jan. 30, 2026, 4:43 a.m.
 Vulnerabilities: code injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-1281, CVE-2026-1340

2nd February 2026 Cyber Update: Ivanti Zero-Days Expose Mobile Devices

Trust: 4.0

Fetched: Feb. 3, 2026, 9:49 a.m., Published: Feb. 2, 2026, midnight
 Vulnerabilities: code injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-1281, CVE-2026-1340

Herhangi bir cihazda İndirilenler klasörü nasıl bulunur

Trust: 3.0

Fetched: Feb. 3, 2026, 9:38 a.m., Published: March 18, 2025, 1:59 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Dosya indirme - Android - Google Chrome Yardım

Trust: 3.0

Fetched: Feb. 3, 2026, 9:37 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: google chrome
vendor: google model: chrome

Critical Linux Warning: 800,000 Devices Are EXPOSED - Freedoms Phoenix

Trust: 6.0

Fetched: Feb. 1, 2026, 9:38 a.m., Published: -
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: wireshark model: wireshark
db: NVD ids: CVE-2026-24061, CVE-2026-2461

Update Canonical Ubuntu Desktop: USN-7982-1: FFmpeg vulnerabilities

Trust: 6.0

Fetched: Feb. 1, 2026, 9:37 a.m., Published: Jan. 1, 7982, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-59732, CVE-2025-59728, CVE-2025-59731, CVE-2025-59733, CVE-2025-63757

Update Canonical Ubuntu Desktop: USN-7983-1: containerd vulnerabilities

Trust: 6.25

Fetched: Feb. 1, 2026, 9:36 a.m., Published: Jan. 1, 7983, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-64329, CVE-2024-25621

CVE-2024-55569: Critical Length Check Vulnerability in Samsung Mobile and Wearable Processors and Modems - Ameeba Exploit Tracker

Trust: 4.75

Fetched: Feb. 1, 2026, 9:35 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: samsung mobile
vendor: samsung model: exynos
vendor: samsung model: mobile
vendor: samsung model: samsung
db: NVD ids: CVE-2024-55569