Cyber Security Advisories – MS-ISAC
- Multiple Vulnerabilities in Citrix Products Could Allow For Disclosure Of Sensitive Data (2025-06-27): Multiple vulnerabilities have been discovered in Citrix products, the most severe of which could allow disclosure of sensitive data. Citrix ADC performs application-specific traffic analysis to intelligently distribute, optimize, and secure Layer 4 - Layer 7 network traffic for web applications. Successful exploitation of the most severe of these vulnerabilities could allow for memory overread, […]
- Multiple Vulnerabilities in Cisco ISE and ISE-PIC Could Allow for Remote Code Execution (2025-06-25): Multiple vulnerabilities have been discovered in Cisco ISE and ISE-PIC that could allow for remote code execution. Cisco Identity Services Engine (ISE) is a security policy management platform that provides secure access to network resources. Successful exploitation of these vulnerabilities could allow the attacker to obtain root privileges on an affected device.
- A Vulnerability in Grafana Could Allow for Arbitrary Code Execution (2025-06-17): A vulnerability exists in Grafana which could result in arbitrary code execution. Grafana is an open-source platform used for visualizing and analyzing time series data. It allows users to connect to various data sources, query and transform data, and create interactive dashboards to monitor and explore metrics, logs, and traces. Successful exploitation could allow an […]
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution (2025-06-10): Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe InCopy is a word processor within Adobe Creative Cloud that allows copywriters and editors to write, edit, and format text in InDesign documents, while designers work on the same file in InDesign simultaneously. Adobe Experience Manager […]
- Critical Patches Issued for Microsoft Products, June 10, 2025 (2025-06-10): Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users […]
- Multiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code Execution (2025-06-10): Multiple vulnerabilities have been discovered in Mozilla Firefox, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker […]
- Multiple Vulnerabilities in HPE StoreOnce Software Could Allow for Remote Code Execution (2025-06-04): Multiple vulnerabilities have been discovered in HPE StoreOnce Software which, when chained together, could allow for remote code execution, potentially leading to session hijacking and full system compromise. HPE StoreOnce is a data protection platform from Hewlett Packard Enterprise that uses deduplication to reduce backup storage requirements and improve backup and recovery speeds. Successful exploitation […]
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution (2025-06-03): Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the […]
- A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution (2025-05-15): A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create […]
- Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution (2025-05-15): Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager Mobile (EPMM) is a unified endpoint management solution that enables organizations to securely manage and monitor mobile devices, applications, and content across multiple platforms from a centralized interface. Successful exploitation of […]
Blog Feed – Center for Internet Security
- What Makes CIS Hardened Images Secure Enough for the U.S. IC (2025-06-30): How do U.S. IC organizations strengthen their cloud security in a way that meets their needs? See how the CIS Hardened Images® can help.
- Lay a Cybersecurity Foundation and Master CIS Controls IG1 (2025-06-13): Today's digital threats don't discriminate by size or sector. Building a solid cybersecurity foundation is no longer optional; it's essential.
- CIS Benchmarks June 2025 Update (2025-06-11): Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for June 2025.
- How Threat Modeling, Actor Attribution Grow Cyber Defenses (2025-05-15): Want to enhance your threat modeling? By combining it with threat actor attribution, you can improve your cyber defenses. Read on to learn more.
- CIS Benchmarks May 2025 Update (2025-05-05): Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.
- Top 10 Malware Q1 2025 (2025-04-23): In Q1 2025, the Top 10 Malware observed via the MS-ISAC® changed slightly from the previous quarter. Read our blog post to learn more.
- Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI (2025-04-16): DieNet is a hacktivist group that's claimed DDoS attacks against U.S. critical infrastructure. Read on to learn its ideology and attack activity.
- CIS Benchmarks April 2025 Update (2025-04-08): Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for April 2025.
- FFIEC CAT Sunset: What You Need to Know (2025-04-07): How are you preparing for the sunset of the FFIEC CAT? Read on to learn how another framework can guide you through this change.
- DeepSeek: A New Player in the Global AI Race (2025-03-24): CIS analysts break down the rise of DeepSeek, a GenAI model that collects data and introduces security risks for users.
All CISA Advisories
- FESTO Didactic CP, MPS 200, and MPS 400 Firmware (2025-07-01): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v3 9.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: FESTO Didactic. Equipment: CP, MPS 200, MPS 400. Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to write arbitrary data and code to protected memory […]
- Voltronic Power and PowerShield UPS Monitoring Software (2025-07-01): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v4 10.0. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Voltronic Power, PowerShield. Equipment: Viewpower, NetGuard. Vulnerabilities: Exposed Dangerous Method or Function, Forced Browsing. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to make configuration changes, resulting in shutting down UPS-connected devices or execution […]
- CISA Adds Two Known Exploited Vulnerabilities to Catalog (2025-07-01): CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-48927 TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability; CVE-2025-48928 TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability. These types of vulnerabilities are frequent attack vectors for […]
- CISA Releases Seven Industrial Control Systems Advisories (2025-07-01): CISA released seven Industrial Control Systems (ICS) advisories on July 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-182-01 FESTO Didactic CP, MPS 200, and MPS 400 Firmware; ICSA-25-182-02 FESTO Automation Suite, FluidDraw, and Festo Didactic Products; ICSA-25-182-03 FESTO CODESYS; ICSA-25-182-04 FESTO Hardware Controller, Hardware Servo Press […]
- Hitachi Energy Relion 670/650 and SAM600-IO Series (2025-07-01): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v4 8.7. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Hitachi Energy. Equipment: Relion 670/650 and SAM600-IO. Vulnerability: Allocation of Resources Without Limits or Throttling. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow attackers to cause a denial-of-service that disrupts critical functions in the device. 3. TECHNICAL DETAILS 3.1 […]
- FESTO Automation Suite, FluidDraw, and Festo Didactic Products (2025-07-01): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v3 9.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: FESTO, FESTO Didactic. Equipment: CIROS Studio / Education, Automation Suite, FluidDraw, FluidSIM, MES-PC. Vulnerability: Out-of-bounds Write. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to gain full control of the host system, including remote code execution. 3. […]
- Hitachi Energy MSM (2025-07-01): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v4 5.3. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Hitachi Energy. Equipment: Modular Switchgear Monitoring (MSM). Vulnerability: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow attackers to execute untrusted code, potentially leading to unauthorized actions or system compromise. […]
- FESTO Hardware Controller, Hardware Servo Press Kit (2025-07-01): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v3 9.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: FESTO. Equipment: Hardware Controller, Hardware Servo Press Kit. Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to execute unauthorized system commands with root […]
- FESTO CODESYS (2025-07-01): View CSAF. 1. EXECUTIVE SUMMARY: CVSS v3 9.8. ATTENTION: Exploitable remotely/low attack complexity. Vendor: FESTO. Equipment: CODESYS. Vulnerabilities: Partial String Comparison, Uncontrolled Resource Consumption, Memory Allocation with Excessive Size Value. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to block legitimate user connections, crash the application, or authenticate without proper credentials. […]
- CISA Adds One Known Exploited Vulnerability to Catalog (2025-06-30): CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-6543 Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant […]
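The two KEV items above describe the mechanism a defender actually consumes: CISA publishes the catalog as a machine-readable feed, each entry carries a dateAdded and a dueDate, and BOD 22-01 obliges federal civilian agencies to remediate by that due date (everyone else can use the same dates as a prioritization signal). The script below is an added example, not CISA's code or anything from the feeds on this page. It assumes the catalog's public JSON form (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json, with the fields cveID, vendorProject, product, vulnerabilityName, dateAdded, dueDate and requiredAction), diffs new additions, and matches entries against a local inventory to flag what is overdue. The three sample entries reuse the CVE IDs named above, but every date, due date and hostname in them is constructed for this example and is not CISA's published value.

```python
"""Triage CISA KEV catalog entries against a local asset inventory.

Added example. Assumes the public KEV JSON feed layout (fields cveID,
vendorProject, product, vulnerabilityName, dateAdded, dueDate, requiredAction).
To run against the live feed, fetch the URL in the lead-in and pass the body
to parse_kev() instead of SAMPLE_KEV_JSON.
"""
import json
from dataclasses import dataclass
from datetime import date

# Constructed sample in the shape of the KEV feed. The CVE IDs are the ones
# listed in the advisories on this page; all dates are invented placeholders,
# NOT CISA's real dateAdded/dueDate values.
SAMPLE_KEV_JSON = """
{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "2025.07.01",
  "dateReleased": "2025-07-01T00:00:00.0000Z",
  "count": 3,
  "vulnerabilities": [
    {"cveID": "CVE-2025-6543", "vendorProject": "Citrix",
     "product": "NetScaler ADC and Gateway",
     "vulnerabilityName": "Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability",
     "dateAdded": "2025-06-30", "dueDate": "2025-07-21",
     "requiredAction": "Apply mitigations per vendor instructions or discontinue use."},
    {"cveID": "CVE-2025-48927", "vendorProject": "TeleMessage", "product": "TM SGNL",
     "vulnerabilityName": "TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability",
     "dateAdded": "2025-07-01", "dueDate": "2025-07-22",
     "requiredAction": "Apply mitigations per vendor instructions or discontinue use."},
    {"cveID": "CVE-2025-48928", "vendorProject": "TeleMessage", "product": "TM SGNL",
     "vulnerabilityName": "TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability",
     "dateAdded": "2025-07-01", "dueDate": "2025-07-22",
     "requiredAction": "Apply mitigations per vendor instructions or discontinue use."}
  ]
}
"""


@dataclass(frozen=True)
class KevEntry:
    cve_id: str
    vendor: str
    product: str
    name: str
    date_added: date
    due_date: date


def parse_kev(raw: str) -> list[KevEntry]:
    """Parse the KEV JSON document into typed entries (dates become date objects)."""
    doc = json.loads(raw)
    return [
        KevEntry(
            cve_id=v["cveID"],
            vendor=v["vendorProject"],
            product=v["product"],
            name=v["vulnerabilityName"],
            date_added=date.fromisoformat(v["dateAdded"]),
            due_date=date.fromisoformat(v["dueDate"]),
        )
        for v in doc["vulnerabilities"]
    ]


# Constructed inventory keyed exactly the way KEV keys products
# (vendorProject, product) -> hostnames. A real inventory should also carry
# versions so that already-patched hosts drop out of the match.
INVENTORY = {
    ("Citrix", "NetScaler ADC and Gateway"): ["ns-edge-01", "ns-edge-02"],
    ("Microsoft", "Windows"): ["dc-01"],
}


def added_since(entries: list[KevEntry], since_iso: str) -> list[str]:
    """CVE IDs added on or after the given ISO date: the daily 'what is new' diff."""
    since = date.fromisoformat(since_iso)
    return [e.cve_id for e in entries if e.date_added >= since]


def triage(entries: list[KevEntry], inventory: dict, today_iso: str) -> list[tuple]:
    """Return (cve_id, hosts, days_until_due) for entries matching the inventory,
    soonest deadline first. Negative days mean the remediation date has passed."""
    today = date.fromisoformat(today_iso)
    hits = []
    for e in entries:
        hosts = inventory.get((e.vendor, e.product))
        if hosts:
            hits.append((e.cve_id, hosts, (e.due_date - today).days))
    return sorted(hits, key=lambda h: h[2])


if __name__ == "__main__":
    kev = parse_kev(SAMPLE_KEV_JSON)
    print("new since 2025-07-01:", added_since(kev, "2025-07-01"))
    for cve, hosts, days in triage(kev, INVENTORY, "2025-07-25"):
        status = "OVERDUE" if days < 0 else f"due in {days} days"
        print(f"{cve}: {status} on {', '.join(hosts)}")
```

The match key is deliberately the pair CISA uses (vendorProject, product) rather than a substring search, so a hit means the inventory naming was reconciled with the catalog's naming in advance; the cost of a loose match here is silent false negatives on exactly the appliances the Citrix entry above is about.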
ISACA SmartBrief on Cybersecurity
- Shared network drives pose security, legal risks (2025-07-01): Storing sensitive data on shared network drives can lead to data breaches and privacy lawsuits, advise James Merrifield and K […]
- "You can't win it if you're not in it." (2025-07-01): D. Wayne Lukas, horse trainer, 1935-2025
- Beyond security awareness training to uplifting security culture (2025-07-01): A positive cyberculture is one in which personnel consistently value, use and appropriately protect organizational informatio […]
- Is your organization actively investing in tools to detect and mitigate deepfake threats? (2025-07-01): See how your answers compare to the respondents of ISACA's new AI Pulse Poll! […]
- Execs urged to see business impact of cyberincidents (2025-07-01): Cybersecurity leaders at Link Oregon's annual meeting stressed the importance of demonstrating the business impact of cyberin […]
- Citrix servers at risk from authentication bypass flaw (2025-07-01): More than 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances remain exposed to a critical vulnerability, which allow […]
- How to find vulnerability intel beyond CVE (2025-07-01): The security industry relies on the Common Vulnerabilities and Exposures program, but recent uncertainty about its future has […]
- Study: Third-party breaches up, increase supply chain risk (2025-07-01): Third-party breaches have surged, now accounting for nearly 30% of incidents compared with 15% previously, according to recen […]
- FBI raises alarm over Scattered Spider attacks on airlines (2025-07-01): The FBI has issued a warning that the Scattered Spider cybercriminal group has been targeting airlines with data extortion an […]