Advisories, Government, Vulnerabilities, , ,
Cyber Security Government

Canadian Government Cyber Alerts

Canadian Government Cyber Alerts.

  • Google Chrome security advisory (AV25-649)
    by Canadian Centre for Cyber Security on October 8, 2025 at 12:39 pm

    <article data-history-node-id="6873" about="/en/alerts-advisories/google-chrome-security-advisory-av25-649" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-649<br /><strong>Date: </strong>October 8, 2025</p> <p>On October 7, 2025, Google published a security advisory to address vulnerabilities in the following product:</p> <ul><li>Stable Channel Chrome for Desktop – versions prior to 141.0.7390.65/.66 (Windows and Mac) and 141.0.7390.65 (Linux)</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p> <ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop.html">Google Chrome Security Advisory</a></li> </ul></div> </div> </div> </div> </div> </article>

  • [Control systems] ABB security advisory (AV25-648)
    by Canadian Centre for Cyber Security on October 7, 2025 at 2:07 pm

    <article data-history-node-id="6872" about="/en/alerts-advisories/control-systems-abb-security-advisory-av25-648" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-648<br /><strong>Date: </strong>October 7, 2025</p> <p>On October 7, 2025, ABB published a security advisory to address a vulnerability in the following products:</p> <ul><li>EIBPORT V3 KNX – versions prior to 3.9.2</li> <li>EIBPORT V3 KNX GSM – versions prior to 3.9.2</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A7808&amp;LanguageCode=en&amp;DocumentPartId=pdf&amp;Action=Launch">EIBPORT Reflected XSS – CVE ID: CVE-2021-22291</a></li> <li><a href="https://global.abb/group/en/technology/cyber-security/alerts-and-notifications">ABB Cyber security alerts and notifications</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Android security advisory – October 2025 monthly rollup (AV25-647)
    by Canadian Centre for Cyber Security on October 7, 2025 at 2:02 pm

    <article data-history-node-id="6871" about="/en/alerts-advisories/android-security-advisory-october-2025-monthly-rollup-av25-647" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-647<br /><strong>Date: </strong>October 6, 2025</p> <p>On October 6, 2025, Android published a security bulletin to address vulnerabilities affecting Android devices.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://source.android.com/docs/security/bulletin/2025-10-01">Android Security Bulletin</a></li> </ul></div> </div> </div> </div> </div> </article>

  • AL25-013 – Vulnerability impacting Oracle E-Business Suite – CVE-2025-61882
    by Canadian Centre for Cyber Security on October 7, 2025 at 1:39 pm

    <article data-history-node-id="6870" about="/en/alerts-advisories/al25-013-vulnerability-impacting-oracle-e-business-suite-cve-2025-61882" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Number:</strong> AL25-013<br /><strong>Date:</strong> October 7, 2025</p> <h2>Audience</h2> <p>This Alert is intended for IT professionals and managers.</p> <h2>Purpose</h2> <p>An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.</p> <h2>Details</h2> <p>On October 4, 2025, Oracle released a security alert advisory for Oracle E-Business Suite addressing a critical vulnerability that allows attackers to perform an unauthenticated remote code execution (CVE-2025-61882) affecting the following product<sup id="fn1-rf"><a class="fn-lnk" href="#fn1"><span class="wb-inv">Footnote </span>1</a></sup>:</p> <ul><li>Oracle E-Business Suite – versions 12.2.3 to 12.2.14</li> </ul><p>The vulnerability is within the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration) and has been assigned a CVSS severity rating of 9.8 out of 10<sup id="fn2-rf"><a class="fn-lnk" href="#fn2"><span class="wb-inv">Footnote </span>2</a></sup>.</p> <p>In response to this vulnerability, the Cyber Centre released AV25-640 on October 6, 2025<sup id="fn3-rf"><a class="fn-lnk" href="#fn3"><span class="wb-inv">Footnote </span>3</a></sup>. CISA has added CVE-2025-61882 to their Known Exploited Vulnerabilities (KEV) catalog<sup id="fn4-rf"><a class="fn-lnk" href="#fn4"><span class="wb-inv">Footnote </span>4</a></sup> on October 6, 2025.</p> <h2>Suggested actions</h2> <p>The Cyber Centre strongly recommends that organizations patch the affected Oracle instances to the vendor recommended versions<sup id="fn1a-rf"><a class="fn-lnk" href="#fn1"><span class="wb-inv">Footnote </span>1</a></sup>.</p> <p>You should also review and implement our Top 10 IT Security Actions<sup id="fn5-rf"><a class="fn-lnk" href="#fn5"><span class="wb-inv">Footnote </span>5</a></sup> with an emphasis on the following topics:</p> <ul><li>Patching operating systems and applications.</li> <li>Isolating Web-facing applications.</li> </ul><p>Should activity matching the content of this alert be discovered, recipients are encouraged to report via the <a href="https://www.cyber.gc.ca/en/incident-management">My Cyber Portal</a>, or email <a href="mailto:contact@cyber.gc.ca">contact@cyber.gc.ca</a>.</p> <h2>References</h2> <p>Information provided by organizations not subject to the <em>Official Languages Act</em> is in the language(s) provided.</p> <aside class="wb-fnote" role="note"><dl><dt>Footnote 1</dt> <dd id="fn1"> <p><a href="https://www.oracle.com/security-alerts/alert-cve-2025-61882.html">Oracle Security Alert Advisory – CVE-2025-61882</a></p> <p class="fn-rtn"><a href="#fn1-rf"><span class="wb-inv">Return to footnote</span>1<span class="wb-inv"> referrer</span></a></p> </dd> </dl><dl><dt>Footnote 2</dt> <dd id="fn2"> <p><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-61882">CVE-2025-61882</a></p> <p class="fn-rtn"><a href="#fn2-rf"><span class="wb-inv">Return to footnote</span>2<span class="wb-inv"> referrer</span></a></p> </dd> </dl><dl><dt>Footnote 3</dt> <dd id="fn3"> <p><a href="/en/alerts-advisories/oracle-security-advisory-av25-640">AV25-640 – Oracle security advisory</a></p> <p class="fn-rtn"><a href="#fn3-rf"><span class="wb-inv">Return to footnote</span>3<span class="wb-inv"> referrer</span></a></p> </dd> </dl><dl><dt>Footnote 4</dt> <dd id="fn4"> <p><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">Known Exploited Vulnerabilities Catalog | CISA </a></p> <p class="fn-rtn"><a href="#fn4-rf"><span class="wb-inv">Return to footnote</span>4<span class="wb-inv"> referrer</span></a></p> </dd> </dl><dl><dt>Footnote 5</dt> <dd id="fn5"> <p><a href="/en/guidance/top-10-it-security-actions-protect-internet-connected-networks-and-information-itsm10089">Top 10 IT security actions to protect Internet connected networks and information (ITSM.10.089)</a></p> <p class="fn-rtn"><a href="#fn5-rf"><span class="wb-inv">Return to footnote</span>5<span class="wb-inv"> referrer</span></a></p> </dd> </dl></aside></div> </div> </div> </div> </div> </article>

  • Redis security advisory (AV25-646)
    by Canadian Centre for Cyber Security on October 6, 2025 at 6:25 pm

    <article data-history-node-id="6869" about="/en/alerts-advisories/redis-security-advisory-av25-646" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-646<br /><strong>Date: </strong>October 6, 2025</p> <p>On October 3, 2025, Redis published a security advisory to address a critical vulnerability in the following products:</p> <ul><li>Redis Software – multiple versions</li> <li>Redis OSS/CE/Stack releases with Lua scripting – multiple versions</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://github.com/redis/redis/releases/tag/8.2.2">Redis Security Advisory: CVE-2025-49844</a></li> <li><a href="https://redis.io/blog/security-advisory-cve-2025-49844/">Redis – Releases</a></li> <li><a href="https://redis.io/blog/">Redis Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Red Hat security advisory (AV25-645)
    by Canadian Centre for Cyber Security on October 6, 2025 at 1:36 pm

    <article data-history-node-id="6866" about="/en/alerts-advisories/red-hat-security-advisory-av25-645" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-645<br /><strong>Date: </strong>October 6, 2025</p> <p>Between September 29 and October 5, 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:</p> <ul><li>Red Hat CodeReady Linux Builder – multiple versions and platforms</li> <li>Red Hat Enterprise Linux – multiple versions and platforms</li> <li>Red Hat Enterprise Linux Server – multiple versions and platforms</li> <li>Red Hat Enterprise Linux for Real Time – multiple versions and platforms</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://access.redhat.com/security/security-updates/security-advisories">Red Hat Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • [Control systems] CISA ICS security advisories (AV25–644)
    by Canadian Centre for Cyber Security on October 6, 2025 at 1:30 pm

    <article data-history-node-id="6865" about="/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av25-644" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-644<br /><strong>Date: </strong>October 6, 2025</p> <p>Between September 29 and October 5, 2025, CISA published ICS advisories to address vulnerabilities in the following products:</p> <ul><li>Festo CPX-CEC-C1 – version 2.0.12 and prior</li> <li>Festo CPX-CMXX – version 1.2.34 rev.404 and prior</li> <li>Festo Controller CECC-S, -LK, -D Family Firmware – all versions</li> <li>Festo SBRD-Q/SBOC-Q/SBOI-Q – all versions</li> <li>Festo SET CPX-CEC-C1 – version 1.2.34 rev.404 and prior</li> <li>HEIDENHAIN Controller TNC 640 NC Software – version 340590 07 SP5</li> <li>Hitachi Energy MSM – versions 2.2.10 and prior</li> <li>Keysight Ixia Vision Product Family – version 6.3.1</li> <li>LG Innotek Camera LND7210 – all versions</li> <li>LG Innotek Camera LNV7210R – all versions</li> <li>MegaSys Enterprises Telenium Online Web Application – versions prior to 8.4.21</li> <li>National Instruments Circuit Design Suite – version v14.3.1 and prior</li> <li>OpenPLC_V3 – versions prior to pull request #292</li> <li>Raise3D Pro2 Series – all versions</li> <li>Rockwell Automation 5094-IF8 – version V2.011</li> <li>Rockwell Automation 5094-IY8 – version V2.011</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.</p> <ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/cybersecurity-advisories">CISA ICS Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Ubuntu security advisory (AV25-643)
    by Canadian Centre for Cyber Security on October 6, 2025 at 1:20 pm

    <article data-history-node-id="6864" about="/en/alerts-advisories/ubuntu-security-advisory-av25-643" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-643<br /><strong>Date: </strong>October 6, 2025</p> <p>Between September 29 and October 5, 2025, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:</p> <ul><li>Ubuntu 14.04 LTS</li> <li>Ubuntu 16.04 LTS</li> <li>Ubuntu 18.04 LTS</li> <li>Ubuntu 20.04 LTS</li> <li>Ubuntu 22.04 LTS</li> <li>Ubuntu 24.04 LTS</li> <li>Ubuntu 25.04 LTS</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://ubuntu.com/security/notices">Ubuntu Security Notices</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Dell security advisory (AV25-642)
    by Canadian Centre for Cyber Security on October 6, 2025 at 1:16 pm

    <article data-history-node-id="6863" about="/en/alerts-advisories/dell-security-advisory-av25-642" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-642<br /><strong>Date: </strong>October 6, 2025</p> <p>Between September 29 and October 5, 2025, Dell published security advisories to address vulnerabilities in the following products:</p> <ul><li>Dell APEX Cloud Platform for Red Hat OpenShift – versions prior to 03.05.00.00</li> <li>Dell PowerProtect DP Series Appliance (Integrated Data Protection Appliance) – versions 2.7.9 and prior</li> <li>Dell PowerProtect Data Domain – multiple versions</li> <li>Dell PowerScale OneFS – multiple versions</li> <li>Dell Repository Manager – version 3.4.7 and 3.4.8</li> <li>Dell XtremIO X2 – versions prior to 6.4.4</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.dell.com/support/security/en-ca">Dell Security advisories and notices</a></li> </ul></div> </div> </div> </div> </div> </article>

  • IBM security advisory (AV25-641)
    by Canadian Centre for Cyber Security on October 6, 2025 at 12:59 pm

    <article data-history-node-id="6862" about="/en/alerts-advisories/ibm-security-advisory-av25-641" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-641<br /><strong>Date: </strong>October 6, 2025</p> <p>Between September 29 and October 5, 2025, IBM published security advisories to address vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.ibm.com/support/pages/bulletin/">IBM Product Security Incident Response</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Oracle security advisory (AV25-640)
    by Canadian Centre for Cyber Security on October 6, 2025 at 12:44 pm

    <article data-history-node-id="6861" about="/en/alerts-advisories/oracle-security-advisory-av25-640" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-640<br /><strong>Date: </strong>October 6, 2025</p> <p>On October 4, 2025, Oracle published an out-of-band security advisory to address a critical vulnerability in the following product:</p> <ul><li>Oracle E-Business Suite – versions 12.2.3 to 12.2.14</li> </ul><p>The Oracle advisory includes indicators of compromise (IOCs) to aid in the detection of malicious activity.</p> <p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://www.oracle.com/security-alerts/alert-cve-2025-61882.html">Oracle Security Alert Advisory – CVE-2025-61882</a></li> <li><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-61882">CVE-2025-61882</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Microsoft Edge security advisory (AV25-639)
    by Canadian Centre for Cyber Security on October 3, 2025 at 1:49 pm

    <article data-history-node-id="6860" about="/en/alerts-advisories/microsoft-edge-security-advisory-av25-639" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-639<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>October 3, 2025</p> <p>On October 2, 2025, Microsoft published a security update to address vulnerabilities in the following product:</p> <ul><li>Microsoft Edge Stable Channel – versions prior to 141.0.3537.57</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.</p> <ul class="list-unstyled"><li><a href="https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-2-2025">Microsoft Edge Stable Channel Release Notes</a></li> </ul></div> </div> </div> </div> </div> </article>

  • TeamViewer security advisory (AV25-638)
    by Canadian Centre for Cyber Security on October 2, 2025 at 6:33 pm

    <article data-history-node-id="6857" about="/en/alerts-advisories/teamviewer-security-advisory-av25-638" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-638<br /><strong>Date: </strong>October 2, 2025</p> <p>On September 30, 2025, TeamViewer released a security advisory to address a vulnerability in the following products:</p> <ul><li>TeamViewer Remote Full Client (Windows) – versions prior to 15.70</li> <li>TeamViewer Remote Host (Windows) – versions prior to 15.70</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://www.teamviewer.com/en-ca/resources/trust-center/security-bulletins/tv-2025-1004/">Privilege Escalation via Symbolic Link Spoofing in TeamViewer Client – TV-2025-1004</a></li> <li><a href="https://www.teamviewer.com/en-ca/resources/trust-center/security-bulletins/">TeamViewer Trust Center</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Splunk security advisory (AV25-637)
    by Canadian Centre for Cyber Security on October 2, 2025 at 6:32 pm

    <article data-history-node-id="6856" about="/en/alerts-advisories/splunk-security-advisory-av25-637" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-637<br /><strong>Date: </strong>October 2, 2025</p> <p>On October 1, 2025, Splunk published security advisories to address vulnerabilities in the following products:</p> <ul><li>Splunk Enterprise – multiple versions and platforms</li> <li>Splunk Cloud Platform – multiple versions and platforms</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://advisory.splunk.com/">Splunk Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • [Control systems] SSL security advisory (AV25-636)
    by Canadian Centre for Cyber Security on October 2, 2025 at 6:30 pm

    <article data-history-node-id="6855" about="/en/alerts-advisories/control-systems-ssl-security-advisory-av25-636" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-636<br /><strong>Date: </strong>October 25, 2025</p> <p>On September 30, 2025, OpenSSL published security advisories to address vulnerabilities in the following product:</p> <ul><li>OpenSSL – multiple versions</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://openssl-library.org/news/vulnerabilities/index.html#CVE-2025-9230">CVE-2025-9230</a></li> <li><a href="https://openssl-library.org/news/vulnerabilities/index.html#CVE-2025-9231">CVE-2025-9231</a></li> <li><a href="https://openssl-library.org/news/vulnerabilities/index.html#CVE-2025-9232">CVE-2025-9232</a></li> <li><a href="https://openssl-library.org/news/vulnerabilities/index.html">OpenSSL</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Mozilla security advisory (AV25-635)
    by Canadian Centre for Cyber Security on October 2, 2025 at 6:08 pm

    <article data-history-node-id="6858" about="/en/alerts-advisories/mozilla-security-advisory-av25-635" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-635<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>October 2, 2025</p> <p>Between September 28 and 30, 2025, Mozilla published security advisories to address vulnerabilities in the following products:</p> <ul><li>Firefox – versions prior to 143.0.3</li> <li>Firefox for iOS – versions prior to 143.1</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2025-80/">Security Vulnerabilities fixed in Firefox 143.0.3</a></li> <li><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2025-79/">Security Vulnerabilities fixed in Firefox for iOS 143.1</a></li> <li><a href="https://www.mozilla.org/en-US/security/advisories/">Mozilla Security Advisories</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Google Chrome security advisory (AV25-634)
    by Canadian Centre for Cyber Security on October 2, 2025 at 4:37 pm

    <article data-history-node-id="6854" about="/en/alerts-advisories/google-chrome-security-advisory-av25-634" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-634<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>October 2, 2025</p> <p>On September 30, 2025, Google published a security advisory to address vulnerabilities in the following product:</p> <ul><li>Stable Channel Chrome for Desktop – versions prior to 141.0.7390.54/55 (Windows and Mac) and 141.0.7390.54/ (Linux)</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html">Google Chrome Security Advisory</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Cisco security advisory (AV25-633)
    by Canadian Centre for Cyber Security on October 2, 2025 at 4:21 pm

    <article data-history-node-id="6853" about="/en/alerts-advisories/cisco-security-advisory-av25-633" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-633<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>October 2, 2025</p> <p>On October 1, 2025, Cisco published security advisories to address vulnerabilities in the following products:</p> <ul><li>Cisco Cyber Vision Center – versions 5.1 and 5.2 and prior</li> <li>Cisco Unified CM, Unified CM SME – versions 12.5, 14 and versions prior to 15SU3</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates if available.</p> <ul class="list-unstyled"><li><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cv-xss-rwRAKAJ9">Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities</a></li> <li><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-stored-xss-Fnj66YLy">Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability</a></li> <li><a href="https://tools.cisco.com/security/center/publicationListing.x">Cisco Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • [Control systems] ABB security advisory (AV25-632)
    by Canadian Centre for Cyber Security on October 2, 2025 at 3:17 pm

    <article data-history-node-id="6852" about="/en/alerts-advisories/control-systems-abb-security-advisory-av25-632" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-632<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>October 2, 2025</p> <p>On September 28, 2025, ABB published a security advisory to address a vulnerability in the following product:</p> <ul><li>Terra AC wallbox (JP) – version 1.8.33 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A8107&amp;&amp;LanguageCode=en&amp;&amp;DocumentPartId=&amp;&amp;Action=Launch">Terra AC Wallbox Vulnerabilities</a></li> <li><a href="https://global.abb/group/en/technology/cyber-security/alerts-and-notifications">ABB Cyber security alerts and notifications</a></li> </ul></div> </div> </div> </div> </div> </article>

  • Sudo security advisory (AV25-631)
    by Canadian Centre for Cyber Security on October 1, 2025 at 5:34 pm

    <article data-history-node-id="6849" about="/en/alerts-advisories/sudo-security-advisory-av25-631" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><strong>Serial number: </strong>AV25-631<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>October 1, 2025</p> <p>On June 30, 2025, Sudo published a security advisory to address a vulnerability in the following product:</p> <ul><li>SUDO – versions 1.9.14 to version prior to 1.9.17p1</li> </ul><p>On September 29, 2025, CISA added CVE-2025-32463 to their Known Exploited Vulnerabilities (KEV) Database.</p> <ul class="list-unstyled"><li><a href="https://www.sudo.ws/security/advisories/chroot_bug/">Sudo Security Advisory</a></li> <li><a href="https://www.cisa.gov/news-events/alerts/2025/09/29/cisa-adds-five-known-exploited-vulnerabilities-catalog">CVE-2025-32463</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • Apple security advisory (AV25-630)
    by Canadian Centre for Cyber Security on September 29, 2025 at 8:22 pm

    <article data-history-node-id="6846" about="/en/alerts-advisories/apple-security-advisory-av25-629" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-630<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 29, 2025</p> <p>On September 29, 2025, Apple published security updates to address a vulnerability in the following products:</p> <ul><li>iOS and iPadOS – versions prior to 26.0.1</li> <li>iOS 18.7.1 and iPadOS 18.7.1 – versions prior to iOS 18.7.1</li> <li>macOS Tahoe – versions prior to 26.0.1</li> <li>macOS Sequoia – versions prior to 15.7.1</li> <li>macOS Sonoma – versions prior to 14.8.1</li> <li>visionOS – versions prior to 26.0.1</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://support.apple.com/en-us/100100">Apple Security Updates</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • VMware security advisory (AV25-629)
    by Canadian Centre for Cyber Security on September 29, 2025 at 8:20 pm

    <article data-history-node-id="6847" about="/en/alerts-advisories/vmware-security-advisory-av25-629" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-629<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 29, 2025</p> <p>On September 29, 2025, VMware published security advisories to address vulnerabilities in the following products:</p> <ul><li>VMware Aria Operations – versions 8.x</li> <li>VMware Cloud Foundation – versions 4.x, 4.5.x, 5.x and 9.x.x.x</li> <li>VMware NSX – versions 4.2.x, 4.1.x and 4.0.x</li> <li>VMware NSX-T – version 3.x</li> <li>VMware Telco Cloud Infrastructure – versions 3.x and 2.x</li> <li>VMware Telco Cloud Platform – versions 5.x, 4.x, 3.x and 2.x</li> <li>VMware Tools – versions 13.x.x, 12.x.x and 11.x.x</li> <li>VMware vCenter – version 7.0 and 8.0</li> <li>VMware vSphere Foundation – versions 9.x.x.x and 13.x.x.x</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p> <ul class="list-unstyled"><li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149">VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244, CVE-2025-41245, CVE-2025-41246)</a></li> <li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150">VMSA-2025-0016: VMware vCenter and NSX updates address multiple vulnerabilities (CVE-2025-41250, CVE-2025-41251, CVE-2025-41252)</a></li> <li><a href="https://support.broadcom.com/web/ecx/security-advisory">Security Advisories – VMware Cloud Foundation</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • Red Hat security advisory (AV25-628)
    by Canadian Centre for Cyber Security on September 29, 2025 at 4:30 pm

    <article data-history-node-id="6845" about="/en/alerts-advisories/red-hat-security-advisory-av25-628" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-628<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 29, 2025</p> <p>Between September 22 and 28, 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:</p> <ul><li>Red Hat CodeReady Linux Builder – multiple versions and platforms</li> <li>Red Hat Enterprise Linux – multiple versions and platforms</li> <li>Red Hat Enterprise Linux Server – multiple versions and platforms</li> <li>Red Hat Enterprise Linux for Real Time – multiple versions and platforms</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://access.redhat.com/security/security-updates/security-advisories">Red Hat Security Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • [Control systems] CISA ICS security advisories (AV25–627)
    by Canadian Centre for Cyber Security on September 29, 2025 at 3:56 pm

    <article data-history-node-id="6844" about="/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av25-627" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-627<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 29, 2025</p> <p>Between September 22 and 28, 2025, CISA published ICS advisories to address vulnerabilities in the following products:</p> <ul><li>AutomationDirect CLICK PLUS C0-0x, C0-1x, C2-x CPU firmware – versions prior to v3.71</li> <li>Dingtian DT-R002 – all versions</li> <li>Mitsubishi Electric MELSEC-Q Series CPU Modules – first five digits of serial number ‘24082’ to ‘27081’</li> <li>Schneider Electric SESU – multiple models and versions prior to 3.0.12</li> <li>Viessmann Vitogate 300 – versions prior to 3.1.0.1</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.</p> <ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/cybersecurity-advisories?f%5B0%5D=advisory_type%3A95">CISA ICS Advisories</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • Ubuntu security advisory (AV25-626)
    by Canadian Centre for Cyber Security on September 29, 2025 at 3:40 pm

    <article data-history-node-id="6843" about="/en/alerts-advisories/ubuntu-security-advisory-av25-626" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-626<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 29, 2025</p> <p>Between September 22 and 28, 2025, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:</p> <ul><li>Ubuntu 18.04 LTS</li> <li>Ubuntu 20.04 LTS</li> <li>Ubuntu 22.04 LTS</li> <li>Ubuntu 24.04 LTS</li> <li>Ubuntu 25.04</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://ubuntu.com/security/notices">Ubuntu Security Notices</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • Dell security advisory (AV25-625)
    by Canadian Centre for Cyber Security on September 29, 2025 at 3:28 pm

    <article data-history-node-id="6842" about="/en/alerts-advisories/dell-security-advisory-av25-625" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-625<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 29, 2025</p> <p>Between September 22 and 28, 2025, Dell published security advisories to address vulnerabilities in the following products:</p> <ul><li>Dell Cloud Disaster Recovery – versions prior to 19.20</li> <li>Dell Data Protection Central – version 19.8 to 19.12 with Data Protection Central OS Update prior to dpc-osupdate-1.1.24-1</li> <li>Dell Latitude 5350, 5450, 5550, 7350, 7450 and 7650 – versions prior to 3.2.0.22</li> <li>Dell Latitude 7030 Rugged Extreme Tablet – versions prior to 3.2.0.22</li> <li>Dell Latitude 7350 Detachable – versions prior to 3.2.0.22</li> <li>Dell Latitude 9450 2-in-1 – versions prior to 3.2.0.22</li> <li>Dell Mobile Precision 3591 – versions prior to 3.2.0.22</li> <li>Dell PowerEdge Server – multiple versions and platforms</li> <li>Dell Precision 3490 and 3590 – versions prior to 3.2.0.22</li> <li>Dell Pro Rugged 13 RA13250 and RB14250 – versions prior to 3.2.0.22</li> <li>Dell SmartFabric Manager – versions prior to 1.4.1</li> <li>Dell VMware ESXi – versions prior to 9.0.0.0100</li> <li>Dell VMware ESXi – versions prior to ESXi 8.0 Update 3f</li> <li>Dell iDRAC9 – multiple versions and platforms</li> <li>PowerProtect DP Series (Integrated Data Protection Appliance (IDPA) Appliance) – version 2.7.9 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.dell.com/support/security/en-ca">Dell Security advisories and notices</a></li> </ul></div> </div> </div> </div> </div> </article>

  • IBM security advisory (AV25-624)
    by Canadian Centre for Cyber Security on September 29, 2025 at 3:10 pm

    <article data-history-node-id="6841" about="/en/alerts-advisories/ibm-security-advisory-av25-624" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-624<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 29, 2025</p> <p>Between September 22 and 28, 2025, IBM published security advisories to address vulnerabilities in multiple products.</p> <p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.ibm.com/support/pages/bulletin/">IBM Product Security Incident Response</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • Foxit security advisory (AV25-623)
    by Canadian Centre for Cyber Security on September 26, 2025 at 6:50 pm

    <article data-history-node-id="6840" about="/en/alerts-advisories/foxit-security-advisory-av25-623" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-623<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 26, 2025</p> <p>On September 25, 2025, Foxit published security advisories to address vulnerabilities in the following products:</p> <ul><li>Foxit PDF Editor (Windows) – multiple versions</li> <li>Foxit PDF Editor for Mac – multiple versions</li> <li>Foxit PDF Reader (Windows) – version 2025.2.0.33046 and prior</li> <li>Foxit PDF Reader for Mac – version 2025.2.0.68868 and prior</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p> <ul class="list-unstyled"><li><a href="https://www.foxit.com/support/security-bulletins.html">Foxit Security Bulletins</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • Google Chrome security advisory (AV25-622)
    by Canadian Centre for Cyber Security on September 26, 2025 at 5:31 pm

    <article data-history-node-id="6839" about="/en/alerts-advisories/google-chrome-security-advisory-av25-622" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-622<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 26, 2025</p> <p>On September 25, 2025, Google published a security advisory to address vulnerabilities in the following product:</p> <ul><li>Stable Channel Chrome for Desktop – versions prior to 140.0.7339.213/.214 (Mac)</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p> <ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_25.html">Google Chrome Security Advisory</a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-French-%20%20******************************************************%2D%2D%3E–><!–{C}%3C!%2D%2D%20%20%3Cspan%20lang%3D%22en%22%3E%3C%2Fspan%3E%20%20%20%2D%2D%3E–></div> </div> </div> </div> </div> </article>

  • Microsoft Edge security advisory (AV25-621)
    by Canadian Centre for Cyber Security on September 26, 2025 at 5:21 pm

    <article data-history-node-id="6838" about="/en/alerts-advisories/microsoft-edge-security-advisory-av25-621" class="cccs-threats full clearfix"> <div class="content"> <div class="layout layout–onecol"> <div class="layout__region layout__region–content"> <div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix"> </div> <div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix"> <div class="field field–name-body field–type-text-with-summary field–label-hidden field–item"><p><!–{C}%3C!%2D%2D***************************************************%20START%20ADVISORY%20-English-%20******************************************************%2D%2D%3E–></p> <p><strong>Serial number: </strong>AV25-621<br /><!–{C}%3C!%2D%2D%20DATES%20Pick%20one%20update%20the%20day%20xx%2C%20delete%20the%20rest%20%2D%2D%3E–><strong>Date: </strong>September 26, 2025</p> <p>On September 25, 2025, Microsoft published a security update to address vulnerabilities in the following product:</p> <ul><li>Microsoft Edge Stable Channel – versions prior to 140.0.3485.94</li> </ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.</p> <ul class="list-unstyled"><li><a href="https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#september-25-2025">Microsoft Edge Stable Channel Release Notes </a></li> </ul><!–{C}%3C!%2D%2D***************************************************%20END%20ADVISORY%20-English-******************************************************%2D%2D%3E–></div> </div> </div> </div> </div> </article>

Share Websitecyber

Related Posts:

We are an ethical website cyber security team and we perform security assessments to protect our clients.