VARIoT latest news about IoT security

Cyber security alert issued by Indian Govt for Apple, mac and chrome users - Full details inside Trust: 4.5 Fetched: Feb. 3, 2026, 9:52 a.m., Published: Feb. 1, 2026, 10:14 a.m.	Vulnerabilities: privilege escalation, information disclosure, denial of service...

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	google	model:	home
vendor:	apple	model:	ipad
vendor:	apple	model:	tvos
vendor:	apple	model:	watch
vendor:	apple	model:	iphone
vendor:	apple	model:	safari
vendor:	apple	model:	watchos
vendor:	apple	model:	webkit
vendor:	apple	model:	macos

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review Trust: 5.5 Fetched: Feb. 3, 2026, 9:52 a.m., Published: Jan. 28, 2026, 8:42 a.m.	Vulnerabilities: path traversal, authentication bypass, certificate validation vulnerability

Affected products

External IDs

vendor:	sonicwall	model:	sma100
vendor:	sonicwall	model:	netextender
vendor:	apple	model:	safari

db:

NVD

ids:

CVE-2026-24858, CVE-2024-29014, CVE-2025-59719, CVE-2025-59718, CVE-2024-48865, CVE-2024-11667

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review Trust: 5.5 Fetched: Feb. 3, 2026, 9:51 a.m., Published: Jan. 28, 2026, 8:42 a.m.	Vulnerabilities: authentication bypass, command execution

Affected products

External IDs

vendor:	palo alto networks	model:	firewall
vendor:	palo alto networks	model:	pan-os
vendor:	palo alto networks	model:	networks
vendor:	palo	model:	firewall
vendor:	palo	model:	pan-os
vendor:	palo	model:	networks

db:

NVD

ids:

CVE-2024-0012, CVE-2026-24858, CVE-2025-59719, CVE-2024-43451, CVE-2025-59718, CVE-2024-9474

CISA: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 - Cyber Security Review Trust: 5.75 Fetched: Feb. 3, 2026, 9:51 a.m., Published: Jan. 28, 2026, 8:42 a.m.	Vulnerabilities: authentication flaw, authentication bypass, feature bypass...

Affected products

External IDs

vendor:

fortigate

model:

fortios

db:

NVD

ids:

CVE-2024-37079, CVE-2026-24858, CVE-2025-59719, CVE-2026-21509, CVE-2025-59718

Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released Trust: 3.5 Fetched: Feb. 3, 2026, 9:50 a.m., Published: Jan. 30, 2026, 4:43 a.m.	Vulnerabilities: code injection, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2026-1281, CVE-2026-1340

2nd February 2026 Cyber Update: Ivanti Zero-Days Expose Mobile Devices Trust: 4.0 Fetched: Feb. 3, 2026, 9:49 a.m., Published: Feb. 2, 2026, midnight	Vulnerabilities: code injection

Affected products

External IDs

db:

NVD

ids:

CVE-2026-1281, CVE-2026-1340

Herhangi bir cihazda İndirilenler klasörü nasıl bulunur Trust: 3.0 Fetched: Feb. 3, 2026, 9:38 a.m., Published: March 18, 2025, 1:59 p.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

Dosya indirme - Android - Google Chrome Yardım Trust: 3.0 Fetched: Feb. 3, 2026, 9:37 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	google chrome
vendor:	google	model:	chrome

Critical Linux Warning: 800,000 Devices Are EXPOSED - Freedoms Phoenix Trust: 6.0 Fetched: Feb. 1, 2026, 9:38 a.m., Published: -	Vulnerabilities: authentication bypass

Affected products

External IDs

vendor:

wireshark

model:

wireshark

db:

NVD

ids:

CVE-2026-24061, CVE-2026-2461

Update Canonical Ubuntu Desktop: USN-7982-1: FFmpeg vulnerabilities Trust: 6.0 Fetched: Feb. 1, 2026, 9:37 a.m., Published: Jan. 1, 7982, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

canonical

model:

ubuntu

db:

NVD

ids:

CVE-2025-59732, CVE-2025-59728, CVE-2025-59731, CVE-2025-59733, CVE-2025-63757

Update Canonical Ubuntu Desktop: USN-7983-1: containerd vulnerabilities Trust: 6.25 Fetched: Feb. 1, 2026, 9:36 a.m., Published: Jan. 1, 7983, midnight	Vulnerabilities: denial of service

Affected products

External IDs

vendor:

canonical

model:

ubuntu

db:

NVD

ids:

CVE-2025-64329, CVE-2024-25621

CVE-2024-55569: Critical Length Check Vulnerability in Samsung Mobile and Wearable Processors and Modems - Ameeba Exploit Tracker Trust: 4.75 Fetched: Feb. 1, 2026, 9:35 a.m., Published: Nov. 30, 0001, midnight	Vulnerabilities: code execution

Affected products

External IDs

vendor:	samsung	model:	samsung mobile
vendor:	samsung	model:	exynos
vendor:	samsung	model:	mobile
vendor:	samsung	model:	samsung

db:

NVD

ids:

CVE-2024-55569

CISA Warns of FortiCloud SSO Authentication Bypass Vulnerability Exploited in Attacks Trust: 4.75 Fetched: Feb. 1, 2026, 9:33 a.m., Published: Jan. 29, 2026, 2:47 p.m.	Vulnerabilities: code execution, privilege escalation, authentication bypass

Affected products

External IDs

vendor:

fortigate

model:

fortios

db:

NVD

ids:

CVE-2026-24858

Multiple D-Link DSL gateway devices contain a command... · CVE-2026-0625 · GitHub Advisory Database · GitHub Trust: 5.75 Fetched: Feb. 1, 2026, 9:33 a.m., Published: Jan. 6, 2026, midnight	Vulnerabilities: code execution, command injection

Affected products

External IDs

vendor:	d-link	model:	dsl-2640b
vendor:	d-link	model:	dsl-2740r

db:

NVD

ids:

CVE-2026-0625

Redmi Buds Vulnerability Allow Attackers Access Call Data and Trigger Firmware Crashes Trust: 4.75 Fetched: Feb. 1, 2026, 9:32 a.m., Published: Jan. 19, 2026, 7:55 a.m.	Vulnerabilities: information leak, denial of service, improper bounds checking...

Affected products

External IDs

vendor:

xiaomi

model:

redmi

db:

NVD

ids:

CVE-2025-13834, CVE-2025-13328

The 7 Stages of Vulnerability Management Lifecycle Trust: 4.25 Fetched: Feb. 1, 2026, 9:31 a.m., Published: Feb. 7, 2026, midnight	Vulnerabilities: code execution, sql injection

Affected products

External IDs

vendor:	cisco	model:	intrusion prevention system
vendor:	cisco	model:	umbrella

db:

NVD

ids:

CVE-2023-38545

17 Security Tips to Protect Your Raspberry Pi Like a Pro - RaspberryTips Trust: 4.5 Fetched: Feb. 1, 2026, 9:29 a.m., Published: Nov. 28, 2024, 5:32 a.m.	Vulnerabilities: default password

Affected products

External IDs

vendor:	google	model:	home
vendor:	putty	model:	putty

ERROR: The request could not be satisfied Trust: 3.25 Fetched: Feb. 1, 2026, 9:29 a.m., Published: Feb. 1, 2026, midnight	Vulnerabilities: configuration error

Affected products	External IDs

Android Security Bulletin January 2026: Why Mobile Device Security Audit Services Matter Trust: 3.5 Fetched: Feb. 1, 2026, 9:26 a.m., Published: Jan. 1, 2026, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	home
vendor:	google	model:	android
vendor:	google	model:	android one

db:

NVD

ids:

CVE-2025-54957

CVE-2025-71188 - dmaengine: lpc18xx-dmamux: fix device leak on route allocation Trust: 3.25 Fetched: Feb. 1, 2026, 9:26 a.m., Published: Jan. 31, 2026, 12:16 p.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2025-71188

VARIoT news about IoT security