Canadian Government Cyber Alerts

<article data-history-node-id="6557" about="/en/alerts-advisories/al25-009-vulnerability-impacting-microsoft-sharepoint-server-cve-2025-53770" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AL25-009<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>July 20, 2025<br /><strong>Updated:</strong> August 19, 2025</p> <h2>Audience</h2> <p>This Alert is intended for <abbr title="information technology">IT</abbr> professionals and managers of notified organizations.</p> <h2>Purpose</h2> <p>An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.</p> <h2>Details</h2> <p>On July 19, Microsoft published a customer guidance for a critical SharePoint vulnerability CVE-2025-53770 that appears to be affecting all versions of on-premises SharePoint Server <sup id="fn1-rf"><a class="fn-lnk" href="#fn1"><span class="wb-inv">Footnote </span>1</a></sup>. SharePoint Online in Microsoft 365 is not impacted.</p> <p>CVE-2025-53770 involves the deserialization of untrusted data in on-premises Microsoft SharePoint Servers allowing an unauthorised attacker to execute code over a network.</p> <p>On July 22, 2025, Microsoft provided an update stating that CVE-2025-53770 is a patch bypass for CVE-2025-49704, and CVE-2025-53771 is a patch bypass for CVE-2025-49706 <sup id="fn8-rf"><a class="fn-lnk" href="#fn8"><span class="wb-inv">Footnote </span>8</a></sup><sup id="fn9-rf"><a class="fn-lnk" href="#fn9"><span class="wb-inv">Footnote </span>9</a></sup>.</p> <p>On August 12, 2025, Microsoft identified an additional vulnerability related to SharePoint CVE-2025-49712. This vulnerability also involves the deserialization of untrusted data in SharePoint Servers allowing an unauthorised attacker to execute code over the network <sup id="fn10-rf"><a class="fn-lnk" href="#fn10"><span class="wb-inv">Footnote </span>10</a></sup>.</p> <p>The Cyber Centre is aware of exploitation happening in Canada.</p> <p><strong>On 21 July, 2025, Microsoft released emergency patches for the following versions of SharePoint:</strong></p> <ul><li>Microsoft SharePoint Server Subscription Edition</li> <li>Microsoft SharePoint Server 2019</li> <li>Microsoft SharePoint Server 2016</li> </ul><h2>Potential indicators of compromise</h2> <p>The following indicators of compromise (IoCs) have been shared by the cyber security research community<sup id="fn3-rf"><a class="fn-lnk" href="#fn3"><span class="wb-inv">Footnote </span>3</a></sup> as a starting point for compromise detection.</p> <ul><li>Verify the presence of the following file: C:\PROGRA~1\COMMON~1\MICROS~1\WEBSER~1\16\TEMPLATE\LAYOUTS\spinstall0.aspx <ul><li>SHA256:92bb4ddb98eeaf11fc15bb32e71d0a63256a0ed826a03ba293ce3a8bf057a514</li> </ul></li> <li>Monitor IIS logs for POST requests to /_layouts/15/ToolPane.aspx?DisplayMode=Edit&amp;a=/ToolPane.aspx with a HTTP referer of /_layouts/SignOut.aspx</li> <li>Verify network logs for scanning or exploitation attempts from IPs 107.191.58[.]76, 104.238.159[.]149, and 96.9.125[.]147, particularly since July 17, 2025.</li> <li>Check for presence of file hashes that may indicate compromise <sup id="fn4-rf"><a class="fn-lnk" href="#fn4"><span class="wb-inv">Footnote </span>4</a></sup><sup id="fn5-rf"><a class="fn-lnk" href="#fn5"><span class="wb-inv">Footnote </span>5</a></sup>: <ul><li>SHA256:4a02a72aedc3356d8cb38f01f0e0b9f26ddc5ccb7c0f04a561337cf24aa84030</li> <li>SHA256:b39c14becb62aeb55df7fd55c814afbb0d659687d947d917512fe67973100b70</li> <li>SHA256:fa3a74a6c015c801f5341c02be2cbdfb301c6ed60633d49fc0bc723617741af7</li> <li>SHA256:27c45b8ed7b8a7e5fff473b50c24028bd028a9fe8e25e5cea2bf5e676e531014</li> <li>SHA256:8d3d3f3a17d233bc8562765e61f7314ca7a08130ac0fb153ffd091612920b0f2</li> <li>SHA256:b336f936be13b3d01a8544ea3906193608022b40c28dd8f1f281e361c9b64e93</li> <li>SHA256:f917e0fd57784e40d9a41069f30b2b5cf83db29b52072c308ff030eaf1fcd764</li> </ul></li> </ul><h2>Suggested actions</h2> <p>If your SharePoint Server is accessible via the internet, it is recommended to assess potential security compromises and consider isolating the affected instance until patching and threat hunt exercises are complete.<br /> It is recommended to rotate any credentials and secrets used on impacted servers, including service accounts.</p> <p>Additionally, the Cyber Centre strongly recommends that organizations follow Microsoft customer guidance for mitigation advice:</p> <ul><li>Use or upgrade to supported versions of on-premises Microsoft SharePoint Server.</li> <li><strong>Apply the latest security updates from Microsoft</strong>.</li> <li>Enable Antimalware Scan Interface (AMSI) integration in SharePoint Server.</li> <li>integration was enabled by default in the September 2023 security update for SharePoint Server 2016/2019 and the Version 23H2 feature update for SharePoint Server Subscription Edition <sup id="fn6-rf"><a class="fn-lnk" href="#fn6"><span class="wb-inv">Footnote </span>6</a></sup>.</li> <li>Deploy a compatible AMSI-capable antivirus/antimalware provider across all SharePoint servers.</li> <li><strong>Rotate SharePoint Server ASP.NET machine keys and restart IIS.</strong></li> </ul><p>Please note that the Cyber Center has identified evidence that AMSI may not consistently offer comprehensive protection against this form of exploitation, as threat actors frequently adapt their methods to evade detection.</p> <p>In addition, the Cyber Centre strongly recommends that organizations review and implement the Cyber Centre’s Top 10 IT Security Actions <sup id="fn2-rf"><a class="fn-lnk" href="#fn2"><span class="wb-inv">Footnote </span>2</a></sup>.</p> <p>If activity matching the content of this alert is discovered, recipients are encouraged to report via the <a href="https://www.cyber.gc.ca/en/incident-management">My Cyber Portal</a>, or email <a href="mailto:contact@cyber.gc.ca">contact@cyber.gc.ca</a>.</p> <aside class="wb-fnote" role="note"><h2 id="fn">References</h2> <dl><dt>Footnote 1</dt> <dd id="fn1"> <p><a href="https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/">Customer guidance for SharePoint vulnerability CVE-2025-53770 | MSRC Blog | Microsoft Security Response Center</a></p> <p class="fn-rtn"><a href="#fn1-rf"><span class="wb-inv">Return to footnote </span>1<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 2</dt> <dd id="fn2"> <p><a href="/en/guidance/top-10-it-security-actions-protect-internet-connected-networks-and-information-itsm10089">Top 10 IT security actions to protect Internet connected networks and information (ITSM.10.089)</a></p> <p class="fn-rtn"><a href="#fn2-rf"><span class="wb-inv">Return to footnote </span>2<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 3</dt> <dd id="fn3"> <p><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/">Microsoft SharePoint zero-day exploited in RCE attacks, no patch available</a></p> <p class="fn-rtn"><a href="#fn3-rf"><span class="wb-inv">Return to footnote </span>3<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 4</dt> <dd id="fn4"> <p><a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2025-07-19-Microsoft-SharePoint-vulnerabilities-CVE-2025-49704-and-49706.txt">PaloAltoNetworks / Unit42-timely-threat-intel</a></p> <p class="fn-rtn"><a href="#fn4-rf"><span class="wb-inv">Return to <span>first</span> footnote </span>4<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 5</dt> <dd id="fn5"> <p><a href="https://x.com/cyb3rops/status/1947032951486574672">@cyb3rops</a></p> <p class="fn-rtn"><a href="#fn5-rf"><span class="wb-inv">Return to footnote </span>5<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 6</dt> <dd id="fn6"> <p><a href="https://learn.microsoft.com/en-ca/sharepoint/security-for-sharepoint-server/configure-amsi-integration">Configure AMSI integration with SharePoint Server</a></p> <p class="fn-rtn"><a href="#fn6-rf"><span class="wb-inv">Return to footnote </span>6<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 7</dt> <dd id="fn7"> <p><a href="/en/alerts-advisories/microsoft-security-advisory-av25-433">Microsoft SharePoint security advisory (AV25-433)</a></p> <p class="fn-rtn"><a href="#fn7-rf"><span class="wb-inv">Return to footnote </span>7<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 8</dt> <dd id="fn8"> <p><a href="https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/#link={%22role%22:%22standard%22,%22href%22:%">Microsoft Blog – Disrupting active exploitation of on-premises SharePoint vulnerabilities</a></p> <p class="fn-rtn"><a href="#fn8-rf"><span class="wb-inv">Return to footnote </span>8<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 9</dt> <dd id="fn9"> <p><a href="https://www.cisa.gov/news-events/alerts/2025/07/20/update-microsoft-releases-guidance-exploitation-sharepoint-vulnerabilities">CISA – UPDATE: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities</a></p> <p class="fn-rtn"><a href="#fn9-rf"><span class="wb-inv">Return to footnote </span>9<span class="wb-inv"> referrer</span></a></p> </dd> <dt>Footnote 10</dt> <dd id="fn10"> <p><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49712">Microsoft SharePoint Remote Code Execution Vulnerability – CVE-2025-49712</a></p> <p class="fn-rtn"><a href="#fn10-rf"><span class="wb-inv">Return to footnote </span>10<span class="wb-inv"> referrer</span></a></p> </dd> </dl></aside></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6719" about="/en/alerts-advisories/mozilla-security-advisory-av25-529" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-529<br /><strong>Date: </strong>August 19, 2025</p> <p>On August 19, 2025, Mozilla published security advisories to address vulnerabilities in the following products:</p> <ul><li>Focus for iOS – versions prior to 142</li> <li>Firefox for iOS – versions prior to 142</li> <li>Firefox ESR – versions prior to 140.2</li> <li>Firefox ESR – versions prior to 128.14</li> <li>Firefox ESR – versions prior to 115.27</li> <li>Firefox – versions prior to 142</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.mozilla.org/en-US/security/advisories/">Mozilla Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6718" about="/en/alerts-advisories/hpe-security-advisory-av25-528" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-528<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 19, 2025</p> <p>On August 19, 2025, HPE published a security advisory to address vulnerabilities in the following product:</p> <ul><li>HPE IceWall Identity Manager – versions prior to v6.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbmu04921en_us&amp;docLocale=en_US#hpesbmu04921-rev-1-hpe-icewall-identity-manager-de-0">HPESBMU04921 rev.1 – HPE IceWall Identity Manager, Denial of Service</a></li> <li><a href="https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US">HPE Security Bulletin Library</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6716" about="/en/alerts-advisories/red-hat-security-advisory-av25-527" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-527<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:</p> <ul><li>Red Hat CodeReady Linux Builder – multiple versions and platforms</li> <li>Red Hat Enterprise Linux – multiple versions and platforms</li> <li>Red Hat Enterprise Linux Server – multiple versions and platforms</li> <li>Red Hat Enterprise Linux for Real Time – multiple versions and platforms</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://access.redhat.com/security/security-updates/security-advisories">Red Hat Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6714" about="/en/alerts-advisories/microsoft-edge-security-advisory-av25-526" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-526<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 18, 2025</p> <p>On August 15, 2025, Microsoft published a security update to address vulnerabilities in the following products:</p> <ul><li>Microsoft Edge Stable Channel – versions prior to 139.0.3405.102</li> <li>Microsoft Extended Edge Stable Channel – versions prior to 138.0.3351.140</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.</p> <ul class="list-unstyled"><li><a href="https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#august-15-2025">Microsoft Edge Stable Channel Release Notes</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6715" about="/en/alerts-advisories/ibm-security-advisory-av25-525" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-525<br /><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, IBM published security advisories to address vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.ibm.com/support/pages/bulletin/">IBM Product Security Incident Response</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6713" about="/en/alerts-advisories/ubuntu-security-advisory-av25-524" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-524<br /><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:</p> <ul><li>Ubuntu 16.04 LTS</li> <li>Ubuntu 24.04 LTS</li> <li>Ubuntu 22.04 LTS</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://ubuntu.com/security/notices/USN-7685-5">USN-7685-5: Linux kernel (Oracle) vulnerabilities</a></li> <li><a href="https://ubuntu.com/security/notices/USN-7682-5">USN-7682-5: Linux kernel vulnerabilities</a></li> <li><a href="https://ubuntu.com/security/notices/USN-7681-3">USN-7681-3: Linux kernel (Oracle) vulnerability</a></li> <li><a href="https://ubuntu.com/security/notices">Ubuntu Security Notices</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6712" about="/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av25-523" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-523<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, CISA published ICS advisories to highlight vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.</p> <ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/cybersecurity-advisories?f%5B0%5D=advisory_type%3A95">CISA ICS Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6711" about="/en/alerts-advisories/dell-security-advisory-av25-522" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-522<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 18, 2025</p> <p>Between August 11 and 17, 2025, Dell published security advisories to address vulnerabilities in the following products:</p> <ul><li>Dell APEX Cloud Platform for Microsoft Azure – versions prior to 01.05.01.01</li> <li>Dell CloudLink – versions 8.0 to 8.1.1</li> <li>Dell Data Lakehouse – versions prior to 1.5.0.0</li> <li>Dell EMC XC Core XC7525 – version prior to 2.20.0</li> <li>Dell Intel E810 Adapters and Intel E823 LOM – versions prior to 24.0.0</li> <li>Dell Intel I350 and X550 Adapters – versions prior to 24.0.0</li> <li>Dell Intel X710, XXV710, and XL710 Adapters – versions prior to 24.0.0</li> <li>Dell OpenManage Enterprise – versions 3.10, 4.0, 4.1 and 4.2</li> <li>Dell PowerEdge R770, R670, R570, R470 – version prior to 1.3.2</li> <li>Dell PowerEdge Servers – multiple versions and models</li> <li>Dell PowerEdge T40 – versions prior to 1.19.0</li> <li>Dell PowerEdge XE7740 – versions prior to 1.2.2</li> <li>Dell PowerProtect DM5500 – versions prior to 5.19.1.0</li> <li>Dell SupportAssist for Business PCs – version 4.5.3 and prior</li> <li>Dell SupportAssist for Home PCs – version 4.8.2.29006 and prior</li> <li>Dell XC Core XC660, XC760, XC660xs, XC760xa – versions prior to 2.5.4</li> <li>Dell XC Core XC7625 – versions prior to 1.13.1</li> </ul><p>TThe Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.dell.com/support/security/en-ca">Dell Security advisories and notices</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6709" about="/en/alerts-advisories/vmware-security-advisory-av25-521" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-521<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 15, 2025</p> <p>On August 14, 2025, VMware published security advisories to address vulnerabilities in the following products:</p> <ul><li>VMware Tanzu for Valkey – version 7.2.9</li> <li>VMware Tanzu for Valkey – version 8.0.3</li> <li>VMware Tanzu for Valkey – version 8.1.2</li> <li>VMware Tanzu for Valkey on Kubernetes – version 2.1.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36035">Product Release Advisory – VMware Tanzu for Valkey 7.2.10</a></li> <li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36036">Product Release Advisory – VMware Tanzu for Valkey 8.0.4</a></li> <li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36037">Product Release Advisory – VMware Tanzu for Valkey 8.1.3</a></li> <li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36038">Product Release Advisory – VMware Tanzu for Valkey on Kubernetes 3.0.0</a></li> <li><a href="https://support.broadcom.com/web/ecx/security-advisory">Security Advisories – VMware Cloud Foundation</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6708" about="/en/alerts-advisories/google-chrome-security-advisory-av25-520" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-520<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 15, 2025</p> <p>On August 12, 2025, Google published a security advisory to address vulnerabilities in the following products:</p> <ul><li>Stable Channel Chrome for Desktop – versions prior to 139.0.7258.127/128 (Windows/Mac) and 139.0.7258.127 (Linux)</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p> <ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html">Google Chrome Security Advisory</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6707" about="/en/alerts-advisories/cisco-security-advisory-av25-519" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-519<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 15, 2025</p> <p>On August 14, 2025, Cisco published security advisories to address vulnerabilities in the multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the web link provided and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://tools.cisco.com/security/center/publicationListing.x">Cisco Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6706" about="/en/alerts-advisories/cyber-control-systems-siemens-security-advisory-av25-518" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-518<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 15, 2025</p> <p>On August 14, 2025, Siemens published advisories to address vulnerabilities in multiple products. Included were updates for the following products:</p> <ul><li>Mendix SAML (Mendix 9.24 compatible) – versions prior to V3.6.21</li> <li>Mendix SAML (Mendix 10.12 compatible) – versions prior to V4.0.3</li> <li>Mendix SAML (Mendix 10.21 compatible) – versions prior to V4.1.2</li> <li>Desigo CC family – all versions</li> <li>SENTRON Powermanager – all versions</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://cert-portal.siemens.com/productcert/html/ssa-395458.html">SSA-395458: Account Hijacking Vulnerability in Mendix SAML Module</a></li> <li><a href="https://cert-portal.siemens.com/productcert/html/ssa-201595.html">SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager</a></li> <li><a href="https://www.siemens.com/global/en/products/services/cert.html#SecurityPublications">Siemens Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6704" about="/en/alerts-advisories/n-able-security-advisory-av25-517" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-517<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 14, 2025</p> <p>On August 14, 2025, N-able published a security advisory to address vulnerabilities in the following product:</p> <ul><li>N-central – versions prior to 2025.3.1</li> </ul><p>On August 13, 2025, CISA added CVE-2025-8875 and CVE-2025-8876 to their Known Exploited Vulnerabilities (KEV) Catalog.</p> <p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/alerts/2025/08/13/cisa-adds-two-known-exploited-vulnerabilities-catalog">KEV – CISA Adds Two Known Exploited Vulnerabilities to Catalog</a></li> <li><a href="https://status.n-able.com/2025/08/13/announcing-the-ga-of-n-central-2025-3-1/">Announcing the GA of N-central 2025.3.1</a></li> <li><a href="https://status.n-able.com/">N-able Status</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6703" about="/en/alerts-advisories/servicenow-security-advisory-av25-516" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-516<br /><strong>Date: </strong>August 14, 2025</p> <p>On August 12, 2025, ServiceNow published a Security Advisory to address a vulnerability in the following products:</p> <ul><li>ServiceNow Washington – multiple versions</li> <li>ServiceNow Xanadu – multiple versions</li> <li>ServiceNow Yokohama – multiple versions</li> <li>ServiceNow Zurich – multiple versions</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.servicenow.com/kb?id=kb_article_view&amp;sysparm_article=KB2264930">CVE-2025-3089 – Broken Access Control in ServiceNow AI Platform</a></li> <li><a href="https://support.servicenow.com/kb?id=kb_article_view&amp;sysparm_article=KB1226057">ServiceNow security advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6702" about="/en/alerts-advisories/palo-alto-networks-security-advisory-av25-515" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-515<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 14, 2025</p> <p>On August 13, 2025, Palo Alto Networks published security advisories to address vulnerabilities in the following products:</p> <ul><li>Checkov by Prisma Cloud 3.2.0 – versions prior to 3.2.449</li> <li>Cortex XDR Broker VM 28.0.0 – versions prior to 28.0.52</li> <li>GlobalProtect App 6.3 Linux – versions prior to 6.3.3</li> <li>GlobalProtect App 6.3 Windows – versions prior to 6.3.3-h2 (6.3.3-c676)</li> <li>GlobalProtect App 6.2 Linux – all versions</li> <li>GlobalProtect App 6.2 Windows – versions prior to 6.2.8-h3 (6.2.8-c263)</li> <li>GlobalProtect App 6.1 Linux/Windows – all versions</li> <li>GlobalProtect App 6.0 Linux/Windows – all versions</li> <li>PAN-OS 11.2 (On PA-7500) – versions prior to 11.2.8</li> <li>PAN-OS 11.1 (On PA-7500) – versions prior to 11.1.10</li> <li>Prisma Access Browser – versions prior to 138.69.4.184</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://security.paloaltonetworks.com/">Palo Alto Network Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6701" about="/en/alerts-advisories/drupal-security-advisory-av25-514" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-514<br /><strong>Date: </strong>August 14, 2025</p> <p>On August 13, 2025, Drupal published security advisories to address vulnerabilities in the following products:</p> <ul><li>Authenticator Login (Alogin) – versions prior to 2.1.4</li> <li>Layout Builder Advanced Permissions – version 2.2.0</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.drupal.org/sa-contrib-2025-096">Authenticator Login – Highly critical – Access bypass – SA-CONTRIB-2025-096</a></li> <li><a href="https://www.drupal.org/sa-contrib-2025-097">Layout Builder Advanced Permissions – Moderately critical – Access bypass – SA-CONTRIB-2025-097</a></li> <li><a href="https://www.drupal.org/security">Drupal Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6699" about="/en/alerts-advisories/control-systems-abb-security-advisory-av25-513" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-513<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 14, 2025</p> <p>On August 12, 2025, ABB published a security advisory to address a vulnerability in the following product:</p> <ul><li>ABB Ability zenon – versions 7.50, 7.60, 8.00, 8.20, 11, 12 and 14</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://search.abb.com/library/Download.aspx?DocumentID=2NGA002743&amp;LanguageCode=en&amp;DocumentPartId=&amp;Action=Launch">ABB AbilityTM zenon Remote Transport Vulnerability</a></li> <li><a href="https://global.abb/group/en/technology/cyber-security/alerts-and-notifications">ABB Cyber security alerts and notifications</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6698" about="/en/alerts-advisories/solarwinds-security-advisory-av25-512" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-512<br /><strong>Date: </strong>August 14, 2025</p> <p>On August 12, 2025, SolarWinds published a security advisory to address a vulnerability in the following product:</p> <ul><li>SolarWinds Database Performance Analyzer – version 2025.2 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.solarwinds.com/trust-center/security-advisories/cve-2025-26398">SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability (CVE-2025-26398)</a></li> <li><a href="https://www.solarwinds.com/trust-center/security-advisories">SolarWinds Security Vulnerabilities</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6697" about="/en/alerts-advisories/intel-security-advisory-av25-511" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-511<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 13, 2025</p> <p>On August 12, 2025, Intel published security advisories to address vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.intel.com/content/www/us/en/security-center/default.html">Intel Product Security Center Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6696" about="/en/alerts-advisories/foxit-security-advisory-av25-510" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-510<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 13, 2025</p> <p>On August 13, 2025, Foxit published security advisories to address vulnerabilities in the following products:</p> <ul><li>Foxit PDF Editor (Windows) – multiple versions</li> <li>Foxit PDF Editor for Mac – multiple versions</li> <li>Foxit PDF Reader (Windows) – version 2025.1.0.27937 and prior</li> <li>Foxit PDF Reader for Mac – version 2025.1.0.66692 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.foxit.com/support/security-bulletins.html">Foxit Security Bulletins</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6695" about="/en/alerts-advisories/f5-security-advisory-av25-509" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-509<br /><strong>Date: </strong>August 13, 2025</p> <p>On August 13, 2025, F5 published a security advisory to address vulnerabilities in the following products:</p> <ul><li>APM Clients – version 7.2.5</li> <li>BIG-IP (APM) – versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5 and versions 15.1.0 to 15.1.10</li> <li>BIG-IP (APM) – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6 and versions 15.1.0 to 15.1.10</li> <li>BIG-IP (all modules) – versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.5 and versions 15.1.0 to 15.1.10</li> <li>BIG-IP (all modules) – versions 17.5.0 to 17.5.1, versions 17.1.0 to 17.1.2, versions 16.1.0 to 16.1.6 and versions 15.1.0 to 15.1.10</li> <li>BIG-IP Next (all modules) – versions 20.3.0</li> <li>BIG-IP Next CNF – versions 2.0.0 to 2.0.2 and versions 1.1.0 to 1.4.1</li> <li>BIG-IP Next SPK – versions 2.0.0 to 2.0.2 and versions 1.7.0 to 1.9.2</li> <li>BIG-IP Next for Kubernetes – version 2.0.0</li> <li>F5 Access for Android – versions 3.1.0 to 3.1.1</li> <li>F5 Silverline in HTTP/2 enabled proxy servers (all services)</li> <li>NGINX Open Source – versions 0.7.22 to 1.29.0</li> <li>NGINX Plus – versions R30 to R34</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://my.f5.com/manage/s/article/K000152635">F5 Quarterly Security Notification (August 2025)</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6694" about="/en/alerts-advisories/hpe-security-advisory-av25-508" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-508<br /><strong>Date: </strong>August 13, 2025</p> <p>Between August 6 and 13, 2025, HPE published security advisories to address vulnerabilities in the multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the web link provided and apply the necessary updates. Please refer to the list of vulnerabilities dated for the past week, and especially the ones that have high and critical severity.</p> <ul class="list-unstyled"><li><a href="https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US">HPE Security Bulletin Library</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6693" about="/en/alerts-advisories/gitlab-security-advisory-av25-507" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-507<br /><strong>Date: </strong>August 13, 2025</p> <p>On August 13, 2025, GitLab published a security advisory to address vulnerabilities in the following products:</p> <ul><li>GitLab Community Edition (CE) – versions prior to 18.2.2, 18.1.4 and 18.0.6</li> <li>GitLab Enterprise Edition (EE) – versions prior to 18.2.2, 18.1.4 and 18.0.6</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://about.gitlab.com/releases/2025/08/13/patch-release-gitlab-18-2-2-released/">GitLab Patch Release: 18.2.2, 18.1.4, 18.0.6</a></li> <li><a href="https://about.gitlab.com/releases/categories/releases/">GitLab Releases</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6692" about="/en/alerts-advisories/fortinet-security-advisory-av25-506" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-506<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 13, 2025</p> <p>On August 12, 2025, Fortinet published security advisories to address vulnerabilities in multiple products.</p> <p>Fortinet is aware that an exploit for CVE-2025-25256 exists in the wild.</p> <p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-25-152">Remote unauthenticated command injection in FortiSIEM</a></li> <li><a href="https://www.fortiguard.com/psirt">Fortinet PSIRT Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6691" about="/en/alerts-advisories/adobe-security-advisory-av25-505" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-505<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 13, 2025</p> <p>On August 12, 2025, Adobe published security advisories to address vulnerabilities in the following products:</p> <ul><li>Adobe Animate 2023 – version 23.0.12 and prior</li> <li>Adobe Animate 2024 – version 24.0.9 and prior</li> <li>Adobe Commerce B2B – multiple versions</li> <li>Adobe Commerce – multiple versions</li> <li>Adobe Dimension – version 4.1.3 and prior</li> <li>Adobe FrameMaker – version FrameMaker 2020 Update 8 and prior</li> <li>Adobe FrameMaker – version FrameMaker 2022 Update 6 and prior</li> <li>Adobe Illustrator 2024 – version 28.7.8 and prior</li> <li>Adobe Illustrator 2025 – version 29.6.1 and prior</li> <li>Adobe InCopy – version 20.4 and prior</li> <li>Adobe InCopy – version 19.5.4 and prior</li> <li>Adobe InDesign – version ID19.5.4 and prior</li> <li>Adobe InDesign – version ID20.4 and prior</li> <li>Adobe Magento Open Source – multiple versions</li> <li>Adobe Photoshop 2024 – version 25.12.3 and prior</li> <li>Adobe Photoshop 2025 – version 26.8 and prior</li> <li>Adobe Substance 3D Modeler – version 1.22.0 and prior</li> <li>Adobe Substance 3D Painter – version 11.0.2 and prior</li> <li>Adobe Substance 3D Sampler – version 5.0.3 and prior</li> <li>Adobe Substance 3D Stager – version 3.1.3 and prior</li> <li>Adobe Substance 3D Viewer – version 0.25 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://helpx.adobe.com/security.html">Adobe Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6690" about="/en/alerts-advisories/microsoft-security-advisory-august-2025-monthly-rollup-av25-504" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-504<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 13, 2025</p> <p>On August 12, 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:</p> <ul><li>Azure File Sync</li> <li>Azure Open AI</li> <li>Azure Portal</li> <li>Azure Stack Hub</li> <li>DCadsv5-series Azure VM</li> <li>DCasv5-series Azure VM</li> <li>DCesv5-series – Azure VM</li> <li>DCesv6-series Azure VM</li> <li>ECadsv5-series Azure VM</li> <li>ECedsv5-series Azure VM</li> <li>Ecesv6-series Azure VM</li> <li>Microsoft 365</li> <li>Microsoft Dynamics 365</li> <li>Microsoft Edge</li> <li>Microsoft Excel 2016</li> <li>Microsoft Exchange Server</li> <li>Microsoft Office</li> <li>Microsoft PowerPoint</li> <li>Microsoft SQL Server</li> <li>Microsoft SharePoint</li> <li>Microsoft Teams</li> <li>Microsoft Visual Studio 2022 version 17.14</li> <li>Microsoft Word 2016</li> <li>NCCadsH100v5-series Azure VM</li> <li>Office Online Server</li> <li>Teams Panels</li> <li>Teams Phones</li> <li>Web Deploy 4.0</li> <li>Windows 10</li> <li>Windows 11</li> <li>Windows Security App</li> <li>Windows Server</li> <li>Windows Subsystem for Linux</li> </ul><p>Microsoft has indicated that CVE-2025-53779 and CVE-2025-49719 have available exploits.</p> <p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://msrc.microsoft.com/update-guide/releaseNote/2025-Aug">August 2025 Security Updates</a></li> <li><a href="https://msrc.microsoft.com/update-guide/en-us">Security Update Guide</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6689" about="/en/alerts-advisories/ivanti-security-advisory-av25-503" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-503<br /><strong>Date: </strong>August 13, 2025</p> <p>On August 12, 2025, Ivanti published security advisories to address vulnerabilities in the following products. Included was a critical update for the following:</p> <ul><li>Ivanti Virtual Application Delivery Controller (vADC) – version 22.8R2 and prior</li> <li>Ivanti Connect Secure (ICS) – version 22.7R2.7 and prior</li> <li>Ivanti Policy Secure (IPS) – version 22.7R1.4 and prior</li> <li>Ivanti ZTA Gateway – version 22.8R2.2</li> <li>Ivanti Neurons for Secure Access – version 22.8R1.3 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://forums.ivanti.com/s/article/August-Security-Advisory-Ivanti-Virtual-Application-Delivery-Controller-vADC-previously-vTM-CVE-2025-8310?language=en_US">August Security Advisory Ivanti Virtual Application Delivery Controller (vADC previously vTM) (CVE-2025-8310)</a></li> <li><a href="https://forums.ivanti.com/s/article/August-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-Multiple-CVEs?language=en_US">August Security Advisory Ivanti Connect Secure, Policy Secure &amp; ZTA Gateways (Multiple CVEs)</a></li> <li><a href="https://forums.ivanti.com/s/searchallcontent?language=en_US#tab=All&amp;sortCriteria=date%20descending&amp;f-sfkbknowledgearticletypec=Security%20Advisory">Ivanti Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6687" about="/en/alerts-advisories/control-systems-siemens-security-advisory-av25-502" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-502<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 12, 2025</p> <p>Between August 12, 2025, Siemens published advisories to address vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.siemens.com/global/en/products/services/cert.html#SecurityPublications">Siemens Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

<article data-history-node-id="6688" about="/en/alerts-advisories/control-systems-schneider-electric-security-advisory-av25-501" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-501<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>August 12, 2025</p> <p>Le 12 août 2025, Schneider Electric a publié des bulletins de sécurité visant à corriger des vulnérabilités liées aux produits suivants :</p> <ul><li>BMXNGD0100: M580 Global Data module – all versions</li> <li>BMXNOC0401: Modicon M340 X80 Ethernet Communication modules – all versions</li> <li>BMXNOE0100: Modbus/TCP Ethernet Modicon M340 module – multiple versions and models</li> <li>BMXNOR0200H: Ethernet / Serial RTU Module – all versions</li> <li>EcoStruxure Building Operation Enterprise Server and Central – versions prior to 7.0.1</li> <li>EcoStruxure Enterprise Server – versions prior to 7.0.1</li> <li>EcoStruxure Power Monitoring Expert (PME) – versions 2022, 2023, 2024 and 2024 R2</li> <li>EcoStruxure Power Operation (EPO) Advanced Reporting and Dashboards Module – versions 2022 w/ Advanced Reporting Module and 2024 w/ Advanced Reporting Module</li> <li>EcoStruxure Workstation – versions prior to 7.0.1</li> <li>Modicon Controller – multiple versions and models</li> <li>Modicon M580 communication modules – multiple versions and models</li> <li>SESU – versions prior to v3.0.12</li> <li>Saitel DR RTU – version 11.06.29 and prior, version 11.06.34 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp">Schneider Electric Security Notifications</a></li> </ul></div> </div> </div> </div> </div> </article>