Advisories, Government, Vulnerabilities, , ,
Cyber Security Government

Canadian Government Cyber Alerts

Canadian Government Cyber Alerts.

  • Cisco security advisory (AV25-376)
    by Canadian Centre for Cyber Security on June 25, 2025 at 7:25 pm

    <article data-history-node-id="6486" about="/en/alerts-advisories/cisco-security-advisory-av25-376" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-376<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 25, 2025</p> <p>On June 25, 2025, Cisco published a security advisory to address vulnerabilities in the following products:</p> <ul><li>Cisco ISE and ISE-PIC – versions prior to 3.3</li> <li>Cisco ISE and ISE-PIC – versions prior to 3.4</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6">Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities </a></li> <li><a href="https://tools.cisco.com/security/center/publicationListing.x">Cisco Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • VMware security advisory (AV25-375)
    by Canadian Centre for Cyber Security on June 25, 2025 at 6:05 pm

    <article data-history-node-id="6484" about="/en/alerts-advisories/vmware-security-advisory-av25-375" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-375<br /><strong>Date: </strong>June 25, 2025</p> <p>On June 24, 2025, VMware published a security advisory to address a vulnerability in the following product:</p> <ul><li>VMware Tanzu for Valkey – versions 8.0.2, 7.2.9</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35857">Security Advisories – TNZ-2025-0038</a></li> <li><a href="https://support.broadcom.com/web/ecx/security-advisory">Security Advisories – Tanzu</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Citrix security advisory (AV25-374)
    by Canadian Centre for Cyber Security on June 25, 2025 at 4:01 pm

    <article data-history-node-id="6481" about="/en/alerts-advisories/citrix-security-advisory-av25-374" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-374<br /><strong>Date: </strong>June 25, 2025</p> <p>On June 25, 2025, Citrix published a security advisory to address a vulnerability in the following products:</p> <ul><li>NetScaler ADC and NetScaler Gateway 14.1 – versions prior to 14.1-47.46</li> <li>NetScaler ADC and NetScaler Gateway 13.1 – versions prior to 13.1-59.19</li> <li>NetScaler ADC 13.1-FIPS and NDcPP – versions prior to 13.1-37.236-FIPS and NDcPP</li> </ul><p>Citrix has reported that exploits of CVE-2025-6543 on unmitigated appliances have been observed.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788&amp;articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_6543">Citrix Security Advisory – CTX694788</a></li> <li><a href="https://support.citrix.com/knowledge-center#/?ct=Security%20Bulletins&amp;searchText=&amp;sortBy=Created%20date&amp;pageIndex=1">Citrix Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Trend Micro security advisory (AV25-373)
    by Canadian Centre for Cyber Security on June 25, 2025 at 3:21 pm

    <article data-history-node-id="6480" about="/en/alerts-advisories/trend-micro-security-advisory-av25-373" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-373<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 25, 2025</p> <p>On June 20, 2025, Trend Micro published a security advisory to address a vulnerability in the following product:</p> <ul><li>Trend Micro Password Manager – versions prior to 5.8.0.1327</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://helpcenter.trendmicro.com/en-us/article/tmka-12946">Trend Micro Password Manager Link Following Privilege Escalation Vulnerability</a></li> <li><a href="https://success.trendmicro.com/en-US/vulnerability-response/">Trend Micro Business Success Vulnerability Response</a></li> </ul></div> </div> </div> </div> </div> </article>

  • TeamViewer security advisory (AV25-372)
    by Canadian Centre for Cyber Security on June 25, 2025 at 3:15 pm

    <article data-history-node-id="6479" about="/en/alerts-advisories/teamviewer-security-advisory-av25-372" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-372<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 25, 2025</p> <p>On June 24, 2025, TeamViewer released a security advisory to address a vulnerability in the following products:</p> <ul><li>TeamViewer Remote Full Client (Windows) – multiple versions</li> <li>TeamViewer Remote Host (Windows) – multiple versions</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://www.teamviewer.com/en-ca/resources/trust-center/security-bulletins/tv-2025-1002/ ">Improper Neutralization of Argument Delimiters in TeamViewer Clients – TV-2025-1002</a></li> <li><a href="https://www.teamviewer.com/en-ca/resources/trust-center/security-bulletins/">TeamViewer Trust Center</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Splunk security advisory (AV25-371)
    by Canadian Centre for Cyber Security on June 25, 2025 at 3:06 pm

    <article data-history-node-id="6477" about="/en/alerts-advisories/splunk-security-advisory-av25-371" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-371<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 25, 2025</p> <p>On June 23, 2025, Splunk published security advisories to address vulnerabilities in the following products:</p> <ul><li>splunk/splunk – version 9.4.1</li> <li>splunk/splunk – versions 9.3.0 to 9.3.3</li> <li>splunk/splunk – versions 9.2.0 to 9.2.5</li> <li>splunk/splunk – versions 9.1.0 to 9.1.8</li> <li>splunk/universalforwarder – version 9.4.1</li> <li>splunk/universalforwarder – versions 9.3.0 to 9.3.3</li> <li>splunk/universalforwarder – versions 9.2.0 to 9.2.5</li> <li>splunk/universalforwarder – versions 9.1.0 to 9.1.8</li> <li>Splunk Operator for Kubernetes – versions prior to 2.8.0</li> <li>Splunk AppDynamics Smart Agent – versions prior to 25.5.1</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://advisory.splunk.com/advisories/SVD-2025-0607">Third-Party Package Updates in Splunk Enterprise – June 2025 – SVD-2025-0607 </a></li> <li><a href="https://advisory.splunk.com/advisories/SVD-2025-0608">Third-Party Package Updates in Splunk Enterprise – June 2025 – SVD-2025-0608</a></li> <li><a href="https://advisory.splunk.com/advisories/SVD-2025-0609 ">Third-Party Package Updates in Splunk Enterprise – June 2025 – SVD-2025-0609 </a></li> <li><a href="https://advisory.splunk.com/advisories/SVD-2025-0610 ">Third-Party Package Updates in Splunk Enterprise – June 2025 – SVD-2025-0610 </a></li> <li><a href="https://advisory.splunk.com/">Splunk Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • GitLab security advisory (AV25-370)
    by Canadian Centre for Cyber Security on June 25, 2025 at 12:48 pm

    <article data-history-node-id="6476" about="/en/alerts-advisories/gitlab-security-advisory-av25-370" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-370<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 25, 2025</p> <p>On June 25, 2025, GitLab published a security advisory to address a vulnerability in the following products:</p> <ul><li>GitLab Community Edition (CE) – versions prior to 18.1.1, 18.0.3 and 17.11.5</li> <li>GitLab Enterprise Edition (EE) – versions prior to 18.1.1, 18.0.3 and 17.11.5</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://about.gitlab.com/releases/2025/06/25/patch-release-gitlab-18-1-1-released/">GitLab Patch Release: 18.1.1, 18.0.3, 17.11.5 </a></li> <li><a href="https://about.gitlab.com/releases/categories/releases/">GitLab Releases</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Google Chrome security advisory (AV25-369)
    by Canadian Centre for Cyber Security on June 25, 2025 at 12:37 pm

    <article data-history-node-id="6475" about="/en/alerts-advisories/google-chrome-security-advisory-av25-369" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-369<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 25, 2025</p> <p>On June 24, 2025, Google published a security advisory to address vulnerabilities in the following products:</p> <ul><li>Stable Channel Chrome for Desktop – versions prior to138.0.7204.49/50 (Windows/Mac), and 138.0.7204.49 (Linux)</li> <li>Extended Stable Channel – versions prior to 138.0.7204.50 (Windows/Mac)</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p> <ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html">Google Chrome Security Advisory</a></li> </ul></div> </div> </div> </div> </div> </article>

  • GitHub security advisory (AV25-368)
    by Canadian Centre for Cyber Security on June 24, 2025 at 4:20 pm

    <article data-history-node-id="6474" about="/en/alerts-advisories/github-security-advisory-av25-368" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-368<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 24, 2025</p> <p>On June 18, 2025, GitHub published a security advisory to address vulnerabilities in the following products:</p> <ul><li>GitHub Enterprise Server – versions 3.17.x prior to 3.17.1</li> <li>GitHub Enterprise Server – versions 3.16.x prior to 3.16.4</li> <li>GitHub Enterprise Server – versions 3.15.x prior to 3.15.8</li> <li>GitHub Enterprise Server – versions 3.14.x prior to 3.14.13</li> <li>GitHub Enterprise Server – versions 3.13.x prior to 3.13.16</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://docs.github.com/en/enterprise-server@3.17/admin/release-notes">GitHub Release Notes #3.17.1</a></li> <li><a href="https://docs.github.com/en/enterprise-server@3.16/admin/release-notes">GitHub Release Notes # 3.16.4</a></li> <li><a href="https://docs.github.com/en/enterprise-server@3.15/admin/release-notes">GitHub Release Notes # 3.15.8</a></li> <li><a href="https://docs.github.com/en/enterprise-server@3.14/admin/release-notes">GitHub Release Notes # 3.14.13</a></li> <li><a href="https://docs.github.com/en/enterprise-server@3.13/admin/release-notes">GitHub Release Notes # 3.13.16</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Mozilla security advisory (AV25-367)
    by Canadian Centre for Cyber Security on June 24, 2025 at 2:46 pm

    <article data-history-node-id="6472" about="/en/alerts-advisories/mozilla-security-advisory-av25-367" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-367<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 24, 2025</p> <p>On June 24, 2025, Mozilla published security advisories to address vulnerabilities in the following products:</p> <ul><li>Firefox ESR – versions prior to 128.12</li> <li>Firefox ESR – versions prior to 115.25</li> <li>Firefox – versions prior to 140</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/">Mozilla Foundation Security Advisory MFSA 2025-53 </a></li> <li><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2025-52/">Mozilla Foundation Security Advisory MFSA 2025-52 </a></li> <li><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/">Mozilla Foundation Security Advisory MFSA 2025-51</a></li> <li><a href="https://www.mozilla.org/en-US/security/advisories/">Mozilla Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • HPE security advisory (AV25-366)
    by Canadian Centre for Cyber Security on June 24, 2025 at 12:29 pm

    <article data-history-node-id="6470" about="/en/alerts-advisories/hpe-security-advisory-av25-366" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-366<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 24, 2025</p> <p>On June 24, 2025, HPE published a security advisory to address a vulnerability in the following product:</p> <ul><li>HPE OneView for VMware vCenter with Operations Manager and Log Insight – versions prior to v11.7</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04876en_us&amp;docLocale=en_US">HPE Security Bulletin – hpesbgn04876en_us </a></li> <li><a href="https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US">HPE Security Bulletin Library</a></li> </ul></div> </div> </div> </div> </div> </article>

  • HPE security advisory (AV25-365)
    by Canadian Centre for Cyber Security on June 23, 2025 at 8:04 pm

    <article data-history-node-id="6469" about="/en/alerts-advisories/hpe-security-advisory-av25-365" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-365<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 23, 2025</p> <p>On June 23, 2025, HPE published a security advisory to address a vulnerability in the following product:</p> <ul><li>HPE Telco Unified OSS Console – version prior to v3.1.16</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04885en_us&amp;docLocale=en_US">HPE Security Bulletin – hpesbnw04885en_us</a></li> <li><a href="https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US">HPE Security Bulletin Library</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Mattermost security advisory (AV25-364)
    by Canadian Centre for Cyber Security on June 23, 2025 at 5:59 pm

    <article data-history-node-id="6468" about="/en/alerts-advisories/mattermost-security-advisory-av25-364" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-364<br /><strong>Date: </strong>June 23, 2025</p> <p>On May 21, 2025, Mattermost published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following:</p> <ul><li>Mattermost Server (9.11.x) – versions 9.11.15 and prior</li> <li>Mattermost Server (10.5.x) – versions 10.5.5 and prior</li> <li>Mattermost Server (10.6.x) – versions 10.6.5 and prior</li> <li>Mattermost Server (10.7.x) – versions 10.7.2 and prior</li> <li>Mattermost Server (10.8.x) – versions 10.8.0 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-4981">CVE-2025-4981 Detail</a></li> <li><a href="https://mattermost.com/security-updates/">Mattermost Security Updates</a></li> </ul></div> </div> </div> </div> </div> </article>

  • [Control systems] CISA ICS security advisories (AV25–363)
    by Canadian Centre for Cyber Security on June 23, 2025 at 5:46 pm

    <article data-history-node-id="6467" about="/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av25-363" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-363<br /><strong>Date: </strong>June 23, 2025</p> <p>Between June 16 and 22, 2025, CISA published ICS advisories to address vulnerabilities in the following products:</p> <ul><li>Dover Fueling Solutions ProGauge MagLink LX 4 – versions prior to 4.20.3</li> <li>Dover Fueling Solutions ProGauge MagLink LX Plus – versions prior to 4.20.3</li> <li>Dover Fueling Solutions ProGauge MagLink LX Ultimate – versions prior to 5.20.3</li> <li>Fuji Electric Smart Editor – version 1.0.1.0 and prior</li> <li>LS Electric GMWin 4 – version 4.18</li> <li>Siemens Mendix Studio Pro – multiple versions and models</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/cybersecurity-advisories?f%5B0%5D=advisory_type%3A95">CISA ICS Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Fortinet security advisory (AV25-362)
    by Canadian Centre for Cyber Security on June 23, 2025 at 5:34 pm

    <article data-history-node-id="6466" about="/en/alerts-advisories/fortinet-security-advisory-av25-362" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-362<br /><strong>Date: </strong>June 23, 2025</p> <p>On June 23, 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following:</p> <ul><li>FortiOS 7.4 – versions 7.4.0 to 7.4.3</li> <li>FortiOS 7.2 – versions 7.2.0 to 7.2.7</li> <li>FortiOS 7.0 – versions 7.0.0 to 7.0.14</li> <li>FortiOS 6.4 – all versions</li> <li>FortiOS 6.2 – all versions</li> <li>FortiOS 6.0 – all versions</li> <li>FortiPAM 1.2 – all versions</li> <li>FortiPAM 1.1 – all versions</li> <li>FortiPAM 1.0 – all versions</li> <li>FortiProxy 7.4 – versions 7.4.0 to 7.4.3</li> <li>FortiProxy 7.2 – versions 7.2.0 to 7.2.9</li> <li>FortiProxy 7.0 – versions 7.0.0 to 7.0.16</li> <li>FortiProxy 2.0 – all versions</li> <li>FortiProxy 1.2 – all versions</li> <li>FortiProxy 1.1 – all versions</li> <li>FortiProxy 1.0 – all versions</li> <li>FortiSwitchManager 7.2 – versions 7.2.0 to 7.2.3</li> <li>FortiSwitchManager 7.0 – versions 7.0.1 to 7.0.3</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.fortiguard.com/psirt/FG-IR-24-036">Fortinet PSIRT – FG-IR-24-036</a></li> <li><a href="https://www.fortiguard.com/psirt">Fortinet PSIRT Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Ubuntu security advisory (AV25-361)
    by Canadian Centre for Cyber Security on June 23, 2025 at 5:01 pm

    <article data-history-node-id="6465" about="/en/alerts-advisories/ubuntu-security-advisory-av25-361" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-361<br /><strong>Date: </strong>June 23, 2025</p> <p>Between June 16 and 22, 2025, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:</p> <ul><li>Ubuntu 20.04 LTS</li> <li>Ubuntu 18.04 LTS</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://ubuntu.com/security/notices/USN-7585-1">Ubuntu Security Notices – USN-7585-1</a></li> <li><a href="https://ubuntu.com/security/notices/USN-7585-2">Ubuntu Security Notices – USN-7585-2</a></li> <li><a href="https://ubuntu.com/security/notices">Ubuntu Security Notices</a></li> </ul></div> </div> </div> </div> </div> </article>

  • IBM security advisory (AV25-360)
    by Canadian Centre for Cyber Security on June 23, 2025 at 4:47 pm

    <article data-history-node-id="6464" about="/en/alerts-advisories/ibm-security-advisory-av25-360" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-360<br /><strong>Date: </strong>June 23, 2025</p> <p>Between June 16 and 22, 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:</p> <ul><li>IBM Cloud Pak for Data – versions 3.5 and 4.5</li> <li>IBM Cloud Pak for Data – versions 4.8.0 to 4.8.9, 5.0.0 to 5.0.3 and 5.1.0 to 5.1.3</li> <li>IBM Cloudera Data Platform Private Cloud Base with IBM (CDP) – versions 7.1.7 SP3 and 7.1.9 SP1</li> <li>IBM Cloudera Data Platform Private Cloud Data Services with IBM – versions 1.5.3 and 1.5.4</li> <li>IBM Cloudera Data Platform Streaming with IBM – versions 7.1.7 SP3 and 7.1.9 SP1</li> <li>IBM Cloudera Data Platform Streams Messaging Base with IBM Version – versions 7.1.7 SP3 and 7.1.9 SP1</li> <li>IBM Data Virtualization on Cloud Pak for Data – versions 3.1.0 to 3.1.2</li> <li>IBM Data Virtualization on Cloud Pak for Data – versions 1.7.0 to 1.7.8</li> <li>IBM Data Virtualization on Cloud Pak for Data – versions 1.8.0 to 1.8.3</li> <li>IBM Data Virtualization on Cloud Pak for Data – versions 3.0.0 to 3.0.3</li> <li>IBM Edge Data Collector – version 9.0.9</li> <li>IBM Event Processing – versions 1.0.0 to 1.3.2</li> <li>IBM Fusion HCI for watsonx – versions 2.8.2 to 2.9.0</li> <li>IBM Fusion HCI – versions 2.2.0 to 2.9.0</li> <li>IBM Fusion – versions 2.2.0 to 2.9.1</li> <li>IBM QRadar SIEM – versions 7.5 to 7.5.0 UP12 IF01</li> <li>IBM Storage Fusion Data Foundation – version 4.18.4</li> <li>IBM Watson Query on Cloud Pak for Data – versions 2.0.0 to 2.0.4</li> <li>IBM Watson Query on Cloud Pak for Data – versions 2.1.0 to 2.1.3</li> <li>IBM Watson Query on Cloud Pak for Data – versions 2.2.0 to 2.2.8</li> <li>IBM Watson Speech Services Cartridge – versions 4.0.0 to 5.1.3</li> <li>IBM watsonx Code Assistant On Prem – versions 5.0 to 5.1.2</li> <li>IBM watsonx.data – version 2.1.3</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.ibm.com/support/pages/bulletin">IBM Product Security Incident Response</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Dell security advisory (AV25-359)
    by Canadian Centre for Cyber Security on June 23, 2025 at 4:27 pm

    <article data-history-node-id="6463" about="/en/alerts-advisories/dell-security-advisory-av25-359" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-359<br /><strong>Date: </strong>June 23, 2025</p> <p>Between June 16 and 22, 2025, Dell published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:</p> <ul><li>Dell Connectrix B-Series – versions 9.0.0 to 9.2.2</li> <li>Dell Connectrix B-Series – versions prior to 2.4.0</li> <li>Dell Connectrix B-Series – versions prior to 9.2.2</li> <li>Dell Container Storage Modules – versions prior to 1.14</li> <li>Dell EMC XC Core XC7525 – versions prior to 2.14.1</li> <li>Dell Policy Manager for Secure Connect Gateway – versions prior to 5.28.00.14</li> <li>Dell PowerEdge C6525 – versions prior to 2.14.1</li> <li>Dell PowerEdge R6515 – versions prior to 2.14.1</li> <li>Dell PowerEdge R6525 – versions prior to 2.14.1</li> <li>Dell PowerEdge R7515 – versions prior to 2.14.1</li> <li>Dell PowerEdge R7525 – versions prior to 2.14.1</li> <li>Dell PowerEdge XE8545 – versions prior to 2.14.1</li> <li>Dell PowerFlex Custom Node – versions prior to 1.11.2</li> <li>Dell PowerFlex Custom Node – versions prior to 1.16.2</li> <li>Dell PowerFlex Custom Node – versions prior to 2.18.1</li> <li>Dell PowerFlex Custom Node – versions prior to 2.5.4</li> <li>Dell VxFlex Ready Node – versions prior to 2.23.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.dell.com/support/security/en-ca">Dell Security advisories and notices</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Microsoft Edge security advisory (AV25-358)
    by Canadian Centre for Cyber Security on June 20, 2025 at 8:54 pm

    <article data-history-node-id="6462" about="/en/alerts-advisories/microsoft-edge-security-advisory-av25-358" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-358<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong> June 20, 2025</p> <p>On June 20, 2025, Microsoft published a security update to address vulnerabilities in the following product:</p> <ul><li>Microsoft Edge Stable Channel – versions prior to 137.0.3296.93</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.</p> <ul class="list-unstyled"><li><a href="https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#june-20-2025">Microsoft Edge Stable Channel Release Notes</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • VMware security advisory (AV25-357)
    by Canadian Centre for Cyber Security on June 19, 2025 at 2:53 pm

    <article data-history-node-id="6459" about="/en/alerts-advisories/vmware-security-advisory-av25-357" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-357<br /><strong>Date: </strong>June 19, 2025</p> <p>On June 18, 2025, VMware released security advisories to address vulnerabilities in the following products:</p> <ul><li>VMware Tanzu Data Lake – versions prior to 1.1.0</li> <li>VMware Tanzu for Postgres on Kubernetes – versions prior to 4.1.0</li> <li>VMware Tanzu for Postgres on Kubernetes – versions prior to 4.2.0</li> <li>VMware Tanzu for Valkey on Kubernetes – versions prior to 1.1.0</li> <li>VMware Tanzu for Valkey on Kubernetes – versions prior to 2.0.0</li> <li>VMware Tanzu Greenplum – versions prior to 6.29.1</li> <li>VMware Tanzu Greenplum – versions prior to 7.5.0</li> <li>VMware Tanzu Greenplum – versions prior to Backup and Restore 1.31.1</li> <li>VMware Tanzu Greenplum Command Center – versions prior to 6.14.0</li> <li>VMware Tanzu Greenplum Command Center – versions prior to 7.4.0</li> <li>VMware Tanzu Greenplum Data Copy Utility – versions prior to 2.8.0</li> <li>VMware Tanzu Greenplum Streaming Server – versions prior to 2.1.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://support.broadcom.com/web/ecx/security-advisory?segment=VT">Security Advisories – Tanzu</a></li> <li><a href="https://support.broadcom.com/web/ecx/security-advisory?segment=VC">Security Advisories – VMware Cloud Foundation</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Cisco security advisory (AV25-356)
    by Canadian Centre for Cyber Security on June 18, 2025 at 6:16 pm

    <article data-history-node-id="6458" about="/en/alerts-advisories/cisco-security-advisory-av25-356" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-356<br /><strong>Date: </strong>June 18, 2025</p> <p>On June 18, 2025, Cisco published security advisories to address vulnerabilities in the following products:</p> <ul><li>Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway – multiple models</li> <li>Secure Endpoint Connector for Linux – versions prior to 1.26.1</li> <li>Secure Endpoint Connector for Mac – versions prior to 1.26.1</li> <li>Secure Endpoint Connector for Windows – versions prior to 7.5.21 and 8.4.5</li> <li>Secure Endpoint Private Cloud – versions prior to 4.2.2</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates if available.</p> <ul class="list-unstyled"><li><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-udf-hmwd9nDy">ClamAV UDF File Parsing Out-of-Bounds Read Information Disclosure Vulnerability</a></li> <li><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-sM5GCfm7">Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability</a></li> <li><a href="https://sec.cloudapps.cisco.com/security/center/publicationListing.x">Cisco Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Atlassian security advisory (AV25-355)
    by Canadian Centre for Cyber Security on June 18, 2025 at 2:53 pm

    <article data-history-node-id="6457" about="/en/alerts-advisories/atlassian-security-advisory-av25-355" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-355<br /><strong>Date: </strong>June 18, 2025</p> <p>On June 17, 2025, Atlassian published a security advisory to address vulnerabilities in the following products:</p> <ul><li>Bamboo Data Center and Server – multiple versions</li> <li>Bitbucket Data Center and Server – multiple versions</li> <li>Confluence Data Center and Server – multiple versions</li> <li>Crowd Data Center and Server – multiple versions</li> <li>Jira Data Center and Server – multiple versions</li> <li>Jira Service Management Data Center and Server – multiple versions</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://confluence.atlassian.com/security/security-bulletin-june-17-2025-1574012717.html">Security Bulletin – June 17 2025</a></li> <li><a href="https://www.atlassian.com/trust/security/advisories">Atlassian Security Advisories and Bulletins</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Apache Tomcat security advisory (AV25-354)
    by Canadian Centre for Cyber Security on June 18, 2025 at 11:55 am

    <article data-history-node-id="6455" about="/en/alerts-advisories/apache-tomcat-security-advisory-av25-354" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-354<br /><strong>Date: </strong>June 18, 2025</p> <p>On June 16, 2025, Apache published a security advisory to address a vulnerability in the following products:</p> <ul><li>Apache Tomcat – versions 11.0.0-M1 to 11.0.7</li> <li>Apache Tomcat – versions 10.1.0-M1 to 10.1.41</li> <li>Apache Tomcat – versions 9.0.0.M1 to 9.0.105</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://lists.apache.org/thread/nzkqsok8t42qofgqfmck536mtyzygp18">Apache Security Advisory – [SECURITY] CVE-2025-48988 Apache Tomcat – DoS in multipart upload</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Google Chrome security advisory (AV25-353)
    by Canadian Centre for Cyber Security on June 17, 2025 at 6:52 pm

    <article data-history-node-id="6454" about="/en/alerts-advisories/google-chrome-security-advisory-av25-353" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-353<br /><strong>Date: </strong>June 17, 2025</p> <p>On June 17, 2025, Google published a security advisory to address vulnerabilities in the following product:</p> <ul><li>Stable Channel Chrome for Desktop – versions prior to 137.0.7151.119/.120 (Windows/Mac), and 137.0.7151.119 (Linux)</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p> <ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html">Google Chrome Security Advisory</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Veeam security advisory (AV25-352)
    by Canadian Centre for Cyber Security on June 17, 2025 at 5:52 pm

    <article data-history-node-id="6453" about="/en/alerts-advisories/veeam-security-advisory-av25-352" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-352<br /><strong>Date: </strong>June 17, 2025</p> <p>On June 17, 2025, Veeam published a security advisory to address vulnerabilities in the following products:</p> <ul><li>Veeam Backup &amp; Replication – version 12.3.1.1139 and prior</li> <li>Veeam Agent for Microsoft Windows – version 6.3.1.1074 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.veeam.com/kb4743">Veeam Security Advisory – KB4743</a></li> <li><a href="https://www.veeam.com/knowledge-base.html">Veeam Knowledge Base</a></li> </ul></div> </div> </div> </div> </div> </article>

  • BeyondTrust security advisory (AV25-351)
    by Canadian Centre for Cyber Security on June 17, 2025 at 5:37 pm

    <article data-history-node-id="6452" about="/en/alerts-advisories/beyondtrust-security-advisory-av25-351" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-351<br /><strong>Date: </strong>June 17, 2025</p> <p>On June 16, 2025, BeyondTrust published a security advisory to address a vulnerability in the following products:</p> <ul><li>Remote Support – version 24.2.2 to 24.2.4, 24.3.1 to 24.3.3, and 25.1.1</li> <li>Privileged Remote Access – version 24.2.2 to 24.2.4, 24.3.1 to 24.3.3, and 25.1.1</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.beyondtrust.com/trust-center/security-advisories/bt25-04">BeyondTrust Security Advisory – Advisory ID: BT25-04</a></li> <li><a href="https://www.beyondtrust.com/trust-center/security-advisories">BeyondTrust Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Citrix security advisory (AV25-350)
    by Canadian Centre for Cyber Security on June 17, 2025 at 3:40 pm

    <article data-history-node-id="6451" about="/en/alerts-advisories/citrix-security-advisory-av25-350" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-350<br /><strong>Date: </strong>June 17, 2025</p> <p>On June 17, 2025, Citrix published security advisories to address vulnerabilities in the following products:</p> <ul><li>Citrix Secure Access Client for Windows – versions prior to 25.5.1.15</li> <li>NetScaler ADC and NetScaler Gateway 14.1 – versions prior to 14.1-43.56</li> <li>NetScaler ADC and NetScaler Gateway 13.1 – versions prior to 13.1-58.32</li> <li>NetScaler ADC 13.1-FIPS and NDcPP – versions prior to 13.1-37.235-FIPS and NDcPP</li> <li>NetScaler ADC 12.1-FIPS – versions prior to 12.1-55.328-FIPS</li> <li>NetScaler Console 14.1 – versions prior to 14.1.47.46</li> <li>NetScaler Console 13.1 – versions prior to 13.1.58.32</li> <li>NetScaler SDX (SVM) 14.1 – versions prior to 14.1.47.46</li> <li>NetScaler SDX (SVM) 13.1 – versions prior to 13.1.58.32</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694724&amp;articleURL=Citrix_Secure_Access_Client_for_Windows_Security_Bulletin_for_CVE_2025_0320">Citrix Security Advisory – CTX694724</a></li> <li><a href="https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420&amp;articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_5349_and_CVE_2025_5777">Citrix Security Advisory – CTX693420</a></li> <li><a href="https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694729&amp;articleURL=NetScaler_Console_and_NetScaler_SDX_SVM_Security_Bulletin_for_CVE_2025_4365">Citrix Security Advisory – CTX694729</a></li> <li><a href="https://support.citrix.com/knowledge-center#/?ct=Security%20Bulletins&amp;searchText=&amp;sortBy=Created%20date&amp;pageIndex=1">Citrix Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Grafana security advisory (AV25-349)
    by Canadian Centre for Cyber Security on June 16, 2025 at 8:18 pm

    <article data-history-node-id="6450" about="/en/alerts-advisories/grafana-security-advisory-av25-349" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-349<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 16, 2025</p> <p>On May 21, 2025, Grafana published a security advisory to address vulnerabilities in the following product:</p> <ul><li>Grafana – versions prior to 11.2, 11.3, 11.4, 11.5, 11.6 and 12.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://grafana.com/blog/2025/05/21/grafana-security-release-high-severity-security-fix-for-cve-2025-4123/">Grafana Security Advisory</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • [Control systems] CISA ICS security advisories (AV25–348)
    by Canadian Centre for Cyber Security on June 16, 2025 at 8:11 pm

    <article data-history-node-id="6449" about="/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av25-348" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-348<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 16, 2025</p> <p>Between June 9 and 15, 2025, CISA published ICS advisories to address vulnerabilities in the following products:</p> <ul><li>AVEVA PI Connector for CygNet – version 1.6.14 and prior</li> <li>AVEVA PI Data Archive – multiple versions</li> <li>AVEVA PI Server – multiple versions</li> <li>AVEVA PI Web API – versions 2023 SP1 and prior</li> <li>Hitachi Energy Relion 670 – version 2.2.0</li> <li>Hitachi Relion 650 – multiple versions</li> <li>Hitachi Relion 670 – multiple versions</li> <li>Hitachi SAM600-IO – multiple versions</li> <li>multiCAM Systems Pan-Tilt-Zoom Cameras – all versions</li> <li>PTZOptics – multiple versions and models</li> <li>Siemens Energy Services – all versions</li> <li>Siemens RUGGEDCOM APE1808 – all versions (with Palo Alto Networks Virtual NGFW with an enabled GlobalProtect gateway or portal)</li> <li>Siemens RUGGEDCOM RST2428P (6GK6242-6PA00) – versions prior to V3.1</li> <li>Siemens SCALANCE – multiple versions and models</li> <li>Siemens SIMATIC – multiple versions and models</li> <li>Siemens Tecnomatix Plant Simulation V2404 – versions prior to V2404.0013</li> <li>SinoTrack IOT PC Platform – all versions</li> <li>SMTAV Pan-Tilt-Zoom Cameras – all versions</li> <li>ValueHD Pan-Tilt-Zoom Cameras – all version</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.</p> <ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/cybersecurity-advisories?f%5B0%5D=advisory_type%3A95">CISA ICS Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • Dell security advisory (AV25-347)
    by Canadian Centre for Cyber Security on June 16, 2025 at 4:47 pm

    <article data-history-node-id="6448" about="/en/alerts-advisories/dell-security-advisory-av25-347" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-347<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>June 16, 2025</p> <p>Between June 9 and 15, 2025, Dell published security advisories to address a vulnerability in the following product:</p> <ul><li>Dell iDRAC Tools – versions prior to 11.3.0.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.dell.com/support/kbdoc/en-us/000323242/dsa-2025-169-security-update-for-dell-idrac-tools-vulnerabilities">Dell Security Advisories – DSA-2025-169</a></li> <li><a href="https://www.dell.com/support/security/en-ca">Dell Security advisories and notices</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

Share Websitecyber

Related Posts:

We are an ethical website cyber security team and we perform security assessments to protect our clients.