Canadian Centre for Cyber Security Alerts & Advisories

<article data-history-node-id="6718" about="/en/alerts-advisories/hpe-security-advisory-av25-528" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-528<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 19, 2025</p> <p>On August 19, 2025, HPE published a security advisory to address vulnerabilities in the following product:</p> <ul><li>HPE IceWall Identity Manager – versions prior to v6.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbmu04921en_us&amp;docLocale=en_US#hpesbmu04921-rev-1-hpe-icewall-identity-manager-de-0">HPESBMU04921 rev.1 – HPE IceWall Identity Manager, Denial of Service</a></li> <li><a href="https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US">HPE Security Bulletin Library</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6716" about="/en/alerts-advisories/red-hat-security-advisory-av25-527" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-527<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:</p> <ul><li>Red Hat CodeReady Linux Builder – multiple versions and platforms</li> <li>Red Hat Enterprise Linux – multiple versions and platforms</li> <li>Red Hat Enterprise Linux Server – multiple versions and platforms</li> <li>Red Hat Enterprise Linux for Real Time – multiple versions and platforms</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://access.redhat.com/security/security-updates/security-advisories">Red Hat Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6714" about="/en/alerts-advisories/microsoft-edge-security-advisory-av25-526" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-526<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 18, 2025</p> <p>On August 15, 2025, Microsoft published a security update to address vulnerabilities in the following products:</p> <ul><li>Microsoft Edge Stable Channel – versions prior to 139.0.3405.102</li> <li>Microsoft Extended Edge Stable Channel – versions prior to 138.0.3351.140</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.</p> <ul class="list-unstyled"><li><a href="https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#august-15-2025">Microsoft Edge Stable Channel Release Notes</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6715" about="/en/alerts-advisories/ibm-security-advisory-av25-525" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-525<br /><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, IBM published security advisories to address vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.ibm.com/support/pages/bulletin/">IBM Product Security Incident Response</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6713" about="/en/alerts-advisories/ubuntu-security-advisory-av25-524" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-524<br /><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:</p> <ul><li>Ubuntu 16.04 LTS</li> <li>Ubuntu 24.04 LTS</li> <li>Ubuntu 22.04 LTS</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://ubuntu.com/security/notices/USN-7685-5">USN-7685-5: Linux kernel (Oracle) vulnerabilities</a></li> <li><a href="https://ubuntu.com/security/notices/USN-7682-5">USN-7682-5: Linux kernel vulnerabilities</a></li> <li><a href="https://ubuntu.com/security/notices/USN-7681-3">USN-7681-3: Linux kernel (Oracle) vulnerability</a></li> <li><a href="https://ubuntu.com/security/notices">Ubuntu Security Notices</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6712" about="/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av25-523" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-523<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, CISA published ICS advisories to highlight vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.</p> <ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/cybersecurity-advisories?f%5B0%5D=advisory_type%3A95">CISA ICS Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6711" about="/en/alerts-advisories/dell-security-advisory-av25-522" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-522<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, Dell published security advisories to address vulnerabilities in the following products:</p> <ul><li>Dell APEX Cloud Platform for Microsoft Azure – versions prior to 01.05.01.01</li> <li>Dell CloudLink – versions 8.0 to 8.1.1</li> <li>Dell Data Lakehouse – versions prior to 1.5.0.0</li> <li>Dell EMC XC Core XC7525 – version prior to 2.20.0</li> <li>Dell Intel E810 Adapters and Intel E823 LOM – versions prior to 24.0.0</li> <li>Dell Intel I350 and X550 Adapters – versions prior to 24.0.0</li> <li>Dell Intel X710, XXV710, and XL710 Adapters – versions prior to 24.0.0</li> <li>Dell OpenManage Enterprise – versions 3.10, 4.0, 4.1 and 4.2</li> <li>Dell PowerEdge R770, R670, R570, R470 – version prior to 1.3.2</li> <li>Dell PowerEdge Servers – multiple versions and models</li> <li>Dell PowerEdge T40 – versions prior to 1.19.0</li> <li>Dell PowerEdge XE7740 – versions prior to 1.2.2</li> <li>Dell PowerProtect DM5500 – versions prior to 5.19.1.0</li> <li>Dell SupportAssist for Business PCs – version 4.5.3 and prior</li> <li>Dell SupportAssist for Home PCs – version 4.8.2.29006 and prior</li> <li>Dell XC Core XC660, XC760, XC660xs, XC760xa – versions prior to 2.5.4</li> <li>Dell XC Core XC7625 – versions prior to 1.13.1</li> </ul><p>TThe Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.dell.com/support/security/en-ca">Dell Security advisories and notices</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6709" about="/en/alerts-advisories/vmware-security-advisory-av25-521" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-521<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 15, 2025</p> <p>On August 14, 2025, VMware published security advisories to address vulnerabilities in the following products:</p> <ul><li>VMware Tanzu for Valkey – version 7.2.9</li> <li>VMware Tanzu for Valkey – version 8.0.3</li> <li>VMware Tanzu for Valkey – version 8.1.2</li> <li>VMware Tanzu for Valkey on Kubernetes – version 2.1.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36035">Product Release Advisory – VMware Tanzu for Valkey 7.2.10</a></li> <li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36036">Product Release Advisory – VMware Tanzu for Valkey 8.0.4</a></li> <li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36037">Product Release Advisory – VMware Tanzu for Valkey 8.1.3</a></li> <li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36038">Product Release Advisory – VMware Tanzu for Valkey on Kubernetes 3.0.0</a></li> <li><a href="https://support.broadcom.com/web/ecx/security-advisory">Security Advisories – VMware Cloud Foundation</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6708" about="/en/alerts-advisories/google-chrome-security-advisory-av25-520" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-520<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 15, 2025</p> <p>On August 12, 2025, Google published a security advisory to address vulnerabilities in the following products:</p> <ul><li>Stable Channel Chrome for Desktop – versions prior to 139.0.7258.127/128 (Windows/Mac) and 139.0.7258.127 (Linux)</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p> <ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html">Google Chrome Security Advisory</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6707" about="/en/alerts-advisories/cisco-security-advisory-av25-519" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-519<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 15, 2025</p> <p>On August 14, 2025, Cisco published security advisories to address vulnerabilities in the multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the web link provided and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://tools.cisco.com/security/center/publicationListing.x">Cisco Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6706" about="/en/alerts-advisories/cyber-control-systems-siemens-security-advisory-av25-518" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-518<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 15, 2025</p> <p>On August 14, 2025, Siemens published advisories to address vulnerabilities in multiple products. Included were updates for the following products:</p> <ul><li>Mendix SAML (Mendix 9.24 compatible) – versions prior to V3.6.21</li> <li>Mendix SAML (Mendix 10.12 compatible) – versions prior to V4.0.3</li> <li>Mendix SAML (Mendix 10.21 compatible) – versions prior to V4.1.2</li> <li>Desigo CC family – all versions</li> <li>SENTRON Powermanager – all versions</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://cert-portal.siemens.com/productcert/html/ssa-395458.html">SSA-395458: Account Hijacking Vulnerability in Mendix SAML Module</a></li> <li><a href="https://cert-portal.siemens.com/productcert/html/ssa-201595.html">SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager</a></li> <li><a href="https://www.siemens.com/global/en/products/services/cert.html#SecurityPublications">Siemens Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6704" about="/en/alerts-advisories/n-able-security-advisory-av25-517" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-517<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 14, 2025</p> <p>On August 14, 2025, N-able published a security advisory to address vulnerabilities in the following product:</p> <ul><li>N-central – versions prior to 2025.3.1</li> </ul><p>On August 13, 2025, CISA added CVE-2025-8875 and CVE-2025-8876 to their Known Exploited Vulnerabilities (KEV) Catalog.</p> <p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/alerts/2025/08/13/cisa-adds-two-known-exploited-vulnerabilities-catalog">KEV – CISA Adds Two Known Exploited Vulnerabilities to Catalog</a></li> <li><a href="https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/">Announcing the GA of N-central 2025.3.1</a></li> <li><a href="https://status.n-able.com/">N-able Status</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6703" about="/en/alerts-advisories/servicenow-security-advisory-av25-516" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-516<br /><strong>Date: </strong>August 14, 2025</p> <p>On August 12, 2025, ServiceNow published a Security Advisory to address a vulnerability in the following products:</p> <ul><li>ServiceNow Washington – multiple versions</li> <li>ServiceNow Xanadu – multiple versions</li> <li>ServiceNow Yokohama – multiple versions</li> <li>ServiceNow Zurich – multiple versions</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.servicenow.com/kb?id=kb_article_view&amp;sysparm_article=KB2264930">CVE-2025-3089 – Broken Access Control in ServiceNow AI Platform</a></li> <li><a href="https://support.servicenow.com/kb?id=kb_article_view&amp;sysparm_article=KB1226057">ServiceNow security advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6702" about="/en/alerts-advisories/palo-alto-networks-security-advisory-av25-515" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-515<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 14, 2025</p> <p>On August 13, 2025, Palo Alto Networks published security advisories to address vulnerabilities in the following products:</p> <ul><li>Checkov by Prisma Cloud 3.2.0 – versions prior to 3.2.449</li> <li>Cortex XDR Broker VM 28.0.0 – versions prior to 28.0.52</li> <li>GlobalProtect App 6.3 Linux – versions prior to 6.3.3</li> <li>GlobalProtect App 6.3 Windows – versions prior to 6.3.3-h2 (6.3.3-c676)</li> <li>GlobalProtect App 6.2 Linux – all versions</li> <li>GlobalProtect App 6.2 Windows – versions prior to 6.2.8-h3 (6.2.8-c263)</li> <li>GlobalProtect App 6.1 Linux/Windows – all versions</li> <li>GlobalProtect App 6.0 Linux/Windows – all versions</li> <li>PAN-OS 11.2 (On PA-7500) – versions prior to 11.2.8</li> <li>PAN-OS 11.1 (On PA-7500) – versions prior to 11.1.10</li> <li>Prisma Access Browser – versions prior to 138.69.4.184</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://security.paloaltonetworks.com/">Palo Alto Network Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6701" about="/en/alerts-advisories/drupal-security-advisory-av25-514" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-514<br /><strong>Date: </strong>August 14, 2025</p> <p>On August 13, 2025, Drupal published security advisories to address vulnerabilities in the following products:</p> <ul><li>Authenticator Login (Alogin) – versions prior to 2.1.4</li> <li>Layout Builder Advanced Permissions – version 2.2.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.drupal.org/sa-contrib-2025-096">Authenticator Login – Highly critical – Access bypass – SA-CONTRIB-2025-096</a></li> <li><a href="https://www.drupal.org/sa-contrib-2025-097">Layout Builder Advanced Permissions – Moderately critical – Access bypass – SA-CONTRIB-2025-097</a></li> <li><a href="https://www.drupal.org/security">Drupal Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6699" about="/en/alerts-advisories/control-systems-abb-security-advisory-av25-513" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-513<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 14, 2025</p> <p>On August 12, 2025, ABB published a security advisory to address a vulnerability in the following product:</p> <ul><li>ABB Ability zenon – versions 7.50, 7.60, 8.00, 8.20, 11, 12 and 14</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://search.abb.com/library/Download.aspx?DocumentID=2NGA002743&amp;LanguageCode=en&amp;DocumentPartId=&amp;Action=Launch">ABB AbilityTM zenon Remote Transport Vulnerability</a></li> <li><a href="https://global.abb/group/en/technology/cyber-security/alerts-and-notifications">ABB Cyber security alerts and notifications</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6698" about="/en/alerts-advisories/solarwinds-security-advisory-av25-512" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-512<br /><strong>Date: </strong>August 14, 2025</p> <p>On August 12, 2025, SolarWinds published a security advisory to address a vulnerability in the following product:</p> <ul><li>SolarWinds Database Performance Analyzer – version 2025.2 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.solarwinds.com/trust-center/security-advisories/cve-2025-26398">SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability (CVE-2025-26398)</a></li> <li><a href="https://www.solarwinds.com/trust-center/security-advisories">SolarWinds Security Vulnerabilities</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6697" about="/en/alerts-advisories/intel-security-advisory-av25-511" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-511<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 13, 2025</p> <p>On August 12, 2025, Intel published security advisories to address vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.intel.com/content/www/us/en/security-center/default.html">Intel Product Security Center Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6696" about="/en/alerts-advisories/foxit-security-advisory-av25-510" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-510<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 13, 2025</p> <p>On August 13, 2025, Foxit published security advisories to address vulnerabilities in the following products:</p> <ul><li>Foxit PDF Editor (Windows) – multiple versions</li> <li>Foxit PDF Editor for Mac – multiple versions</li> <li>Foxit PDF Reader (Windows) – version 2025.1.0.27937 and prior</li> <li>Foxit PDF Reader for Mac – version 2025.1.0.66692 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.foxit.com/support/security-bulletins.html">Foxit Security Bulletins</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6695" about="/en/alerts-advisories/f5-security-advisory-av25-509" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-509<br /><strong>Date: </strong>August 13, 2025</p> <p>On August 13, 2025, F5 published a security advisory to address vulnerabilities in the following products:</p> <ul><li>APM Clients – version 7.2.5</li> <li>BIG-IP (APM) – versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5 and versions 15.1.0 to 15.1.10</li> <li>BIG-IP (APM) – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6 and versions 15.1.0 to 15.1.10</li> <li>BIG-IP (all modules) – versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5 and versions 15.1.0 to 15.1.10</li> <li>BIG-IP (all modules) – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6 and versions 15.1.0 to 15.1.10</li> <li>BIG-IP Next (all modules) – versions 20.3.0</li> <li>BIG-IP Next CNF – versions 2.0.0 to 2.0.2 and versions 1.1.0 to 1.4.1</li> <li>BIG-IP Next SPK – versions 2.0.0 to 2.0.2 and versions 1.7.0 to 1.9.2</li> <li>BIG-IP Next for Kubernetes – version 2.0.0</li> <li>F5 Access for Android – versions 3.1.0 to 3.1.1</li> <li>F5 Silverline in HTTP/2 enabled proxy servers (all services)</li> <li>NGINX Open Source – versions 0.7.22 to 1.29.0</li> <li>NGINX Plus – versions R30 to R34</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://my.f5.com/manage/s/article/K000152635">F5 Quarterly Security Notification (August 2025)</a></li> </ul></div> </div> </div> </div> </div> </article>