ohio_k12_help_logo-xparent1-300x85
Login
ohio_k12_help_logo-xparent1-300x85
Login
Login

Cyber Security News

CIS Security Advisories

CIS Security News

CISA News

ISACA SmartBrief

RSS Cyber Security Advisories – MS-ISAC
  • Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2026-01-14
    Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe Bridge is a creative asset manager that lets you preview, organize, edit, and publish multiple creative assets quickly and easily.Adobe Dreamweaver is a web design integrated development environment (IDE) that is used to develop and design […]
  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2026-01-14
    Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; […]
  • Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution 2026-01-13
    Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. FortiSandbox is an advanced threat detection solution from Fortinet that uses sandboxing to analyze suspicious files and network traffic for advanced threats like zero-day malware and ransomware.FortiWeb is a web application firewall (WAF) that protects web applications […]
  • Critical Patches Issued for Microsoft Products, January 13, 2026 2026-01-13
    Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
  • Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2026-01-13
    Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet.Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.Mozilla Thunderbird ESR is a version […]
  • A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution. 2025-12-23
    A vulnerability has been discovered in WatchGuard Fireware OS, which could allow for unauthenticated arbitrary code execution. WatchGuard Fireware is the proprietary operating system that powers WatchGuard's Firebox appliances. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on the system. 
  • A Vulnerability in Cisco AsyncOS Could Allow for Remote Code Execution 2025-12-18
    A vulnerability has been discovered in Cisco AsyncOS, which could allow for remote code execution. AsyncOS is the operating system used by Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands with root-level privileges on the underlying operating system.
  • Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution 2025-12-16
    Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install […]
  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2025-12-12
    Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; […]
  • Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2025-12-09
    Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe ColdFusion is a rapid web application development platform that uses the ColdFusion Markup Language (CFML).Adobe Experience Manager (AEM) is a content management and experience management system that helps businesses build and manage their digital presence […]
RSS Blog Feed – Center for Internet Security
RSS All CISA Advisories
  • AVEVA Process Optimization 2026-01-15
    View CSAF Summary Successful exploitation of these vulnerabilities could enable an attacker to execute remote code, perform SQL injection, escalate privileges, or access sensitive information. The following versions of AVEVA Process Optimization are affected: Process Optimization (CVE-2025-61937, CVE-2025-64691, CVE-2025-61943, CVE-2025-65118, CVE-2025-64729, CVE-2025-65117, CVE-2025-64769) CVSS Vendor Equipment Vulnerabilities v3 10 AVEVA AVEVA Process Optimization Improper Control […]
    CISA
  • Festo Firmware 2026-01-14
    View CSAF Summary Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation to some extent. Update A, 2022-12-13 Added affected device "Bus module CPX-E-PN, 4080497" Festo reports firmware in the following products is affected: Bus […]
    CISA
  • Schneider Electric EcoStruxure Power Build Rapsody 2026-01-14
    View CSAF Summary Schneider Electric is aware of a vulnerability in its EcoStruxure Power Build Rapsody software. The [EcoStruxure Power Build Rapsody](https://www.se.com/ww/en/product-country-selector/?pageType=product-range&sourceId=2309) is used to enter or import the single line diagram, to get the extensive bill of material of your switchboard, including all devices, connection items, and mounting components. Failure to apply the mitigations/remediations […]
    CISA
  • Siemens Industrial Edge Devices 2026-01-14
    View CSAF Summary Siemens Industrial Edge Devices contain an authorization bypass vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for […]
    CISA
  • Siemens SINEC Security Monitor 2026-01-14
    View CSAF Summary SINEC Security Monitor before V4.10.0 contains multiple vulnerabilities. Siemens has released a new version for SINEC Security Monitor and recommends to update to the latest version. The following versions of Siemens SINEC Security Monitor are affected: SINEC Security Monitor (CVE-2025-40830, CVE-2025-40831) CVSS Vendor Equipment Vulnerabilities v3 6.7 Siemens Siemens SINEC Security Monitor […]
    CISA
  • Siemens RUGGEDCOM APE1808 Devices 2026-01-14
    View CSAF Summary Nozomi Networks has published information on vulnerabilities in Nozomi Guardian/CMC. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. The following versions of Siemens RUGGEDCOM APE1808 Devices are affected: RUGGEDCOM APE1808 […]
    CISA
  • Siemens Industrial Edge Device Kit 2026-01-14
    View CSAF Summary Users of Industrial Edge Devices are advised to consult the respective Security Advisories for their devices (for Siemens Industrial Edge devices see Additional Information). Industrial Edge Device Kit contains an authorization bypass vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Siemens has released new […]
    CISA
  • Siemens SIMATIC and SIPLUS products 2026-01-14
    View CSAF Summary Siemens ET 200SP contains a denial-of-service vulnerability that could be triggered by sending a valid S7 protocol Disconnect Request (COTP DR TPDU), causing the device to become unresponsive and require a power cycle to recover. Siemens has released new versions for several affected products and recommends to update to the latest versions. […]
    CISA
  • Siemens TeleControl Server Basic 2026-01-14
    View CSAF Summary TeleControl Server Basic before V3.1.2.4 contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges. Siemens has released a new version for TeleControl Server Basic and recommends to update to the latest version. The following versions of Siemens TeleControl Server Basic are affected: TeleControl […]
    CISA
  • Siemens RUGGEDCOM ROS 2026-01-14
    View CSAF Summary Ruggedcom ROS devices contain a temporary denial of service vulnerability that could allow an attacker to crash and restart the device. Siemens has released new versions for the affected products and recommends to update to the latest versions. The following versions of Siemens RUGGEDCOM ROS are affected: RUGGEDCOM RMC8388 V5.X (CVE-2025-40935) RUGGEDCOM […]
    CISA
RSS ISACA SmartBrief on Cybersecurity
Ohio Department of Education & Workforce
MS-ISAC
CIS-Logo
Management Council Logo