CIS Security Advisories
CIS Security News
CISA News
ISACA SmartBrief
Cyber Security Advisories – MS-ISAC
- A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 2025-05-15A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create […]
- Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution 2025-05-15Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager Mobile (EPMM) is a unified endpoint management solution that enables organizations to securely manage and monitor mobile devices, applications, and content across multiple platforms from a centralized interface. Successful exploitation of […]
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2025-05-14Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install […]
- Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution 2025-05-13Multiple vulnerabilities have been discovered in Fortinet Products, the most severe of which could allow for arbitrary code execution. The products affected by vulnerabilities in this round of monthly Fortinet patches is: FortiADC is an application delivery controller (ADC) from Fortinet that enhances application availability, performance, and security. It offers features like load balancing, SSL/TLS offloading, […]
- Critical Patches Issued for Microsoft Products, May 13, 2025 2025-05-13Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users […]
- Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution 2025-05-12Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution with no additional execution privileges needed. Android is an operating system developed by Google for mobile devices, such as smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for […]
- Multiple Vulnerabilities in SonicWall Secure Mobile Access (SMA) 100 Series Management Interface Could Allow for Remote Code Execution 2025-05-05Multiple vulnerabilities have been discovered in SonicWall Secure Mobile Access (SMA) 100 Management Interface, which could allow for remote code execution. SonicWall Secure Mobile Access (SMA) is a unified secure access gateway used by organizations to provide employees access to applications from anywhere. Successful exploitation of these vulnerabilities when chained together could allow for remote code […]
- Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2025-04-29Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.Mozilla Firefox is a web browser used to access the Internet.Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.Mozilla Thunderbird ESR is a version […]
- A Vulnerability in SAP NetWeaver Visual Composer Could Allow for Remote Code Execution 2025-04-25A vulnerability has been discovered in SAP NetWeaver Visual Composer, which could allow for remote code execution. SAP NetWeaver Visual Composer is SAP’s web-based software modelling tool. It enables business process specialists and developers to create business application components, without coding. Successful exploitation of this vulnerability could allow for remote code execution in the context […]
- A Vulnerability in SonicWall Secure Mobile Access (SMA) 100 Series Management Interface Could Allow for Remote Code Execution 2025-04-23A vulnerability has been discovered in SonicWall Secure Mobile Access (SMA) 100 Management Interface, which could allow for remote code execution. SonicWall Secure Mobile Access (SMA) is a unified secure access gateway used by organizations to provide employees access to applications from anywhere. Successful exploitation of this vulnerability could allow for remote code execution.
Blog Feed – Center for Internet Security
- How Threat Modeling, Actor Attribution Grow Cyber Defenses 2025-05-15Want to enhance your threat modeling? By combining it with threat actor attribution, you can improve your cyber defenses. Read on to learn more.
- CIS Benchmarks May 2025 Update 2025-05-05Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.
- Top 10 Malware Q1 2025 2025-04-23In Q1 2025, the Top 10 Malware observed via the MS-ISAC® changed slightly from the previous quarter. Read our blog post to learn more.
- Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI 2025-04-16DieNet is a hacktivist group that's claimed DDoS attacks against U.S. critical infrastructure. Read on to learn its ideology and attack activity.
- CIS Benchmarks April 2025 Update 2025-04-08Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for April 2025.
- FFIEC CAT Sunset: What You Need to Know 2025-04-07How are you preparing for the sunset of the FFIEC CAT? Read on to learn how another framework can guide you through this change.
- DeepSeek: A New Player in the Global AI Race 2025-03-24CIS analysts break down the rise of DeepSeek, a GenAI model that collects data and introduces security risks for users.
- Active Lumma Stealer Campaign Impacting U.S. SLTTs 2025-03-20The CIS CTI team spotted a Lumma Stealer campaign where SLTT victims were redirected to malicious webpages delivering fake CAPTCHA verifications.
- CIS Benchmarks March 2025 Update 2025-03-10Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for March 2025.
- CIS Benchmarks February 2025 Update 2025-02-05Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for February 2025.
All CISA Advisories
- Danfoss AK-SM 8xxA Series 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable remotely Vendor: Danfoss Equipment: AK-SM 8xxA Series Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could enable a remote attacker to bypass authentication and execute arbitrary code remotely. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AK-SM 800A system manager […]CISA
- Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric Equipment: ICONICS Product Suite and Mitsubishi Electric MC Works64 Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering on the target workstation. 3. TECHNICAL DETAILS 3.1 […]CISA
- Vertiv Liebert RDU101 and UNITY 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vertiv Equipment: Liebert RDU101 and Liebert UNITY Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or achieve remote code execution […]CISA
- ABUP IoT Cloud Platform 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/Low attack complexity Vendor: ABUP Equipment: ABUP Internet of Things (IoT) Cloud Platform Vulnerability: Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access device profiles for which they are not authorized. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS […]CISA
- AutomationDirect MB-Gateway 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: MB-Gateway Vulnerability: Missing Authentication For Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to make configuration changes, disrupt operations, or achieve arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following AutomationDirect […]CISA
- Schneider Electric PrismaSeT Active - Wireless Panel Server 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PrismaSeT Active - Wireless Panel Server Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized code execution, which could result in the unavailability of the […]CISA
- Assured Telematics Inc (ATI) Fleet Management System with Geotab Integration 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Assured Telematics Inc. Equipment: Fleet Management System Vulnerabilities: Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker collecting sensitive file system information or obtain administrative credentials. 3. […]CISA
- Schneider Electric Modicon Controllers 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon Controllers M241/M251/M258/LMC058 Vulnerability: Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a loss of confidentiality when an unauthenticated attacker manipulates a controller's webserver URL to access […]CISA
- CISA Releases Thirteen Industrial Control Systems Advisories 2025-05-20CISA released thirteen Industrial Control Systems (ICS) advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-140-01 ABUP IoT Cloud Platform ICSA-25-140-02 National Instruments Circuit Design Suite ICSA-25-140-03 Danfoss AK-SM 8xxA Series ICSA-25-140-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products ICSA-25-140-05 Siemens Siveillance […]CISA
- Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXL 2025-05-20View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Galaxy VS, Galaxy VL, Galaxy VXL Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthenticated remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following […]CISA
ISACA SmartBrief on Cybersecurity
- Don't ever think that just because you do things differently, you're wrong. 2025-05-20Gail Tsukiyama, writer May is Asian American, Native Hawaiian, and Pacific Islander Heritage Month
- Breach at Legal Aid Agency affects 15 years of applicants 2025-05-20The Legal Aid Agency in the UK has confirmed a data breach in which hackers stole sensitive information about legal aid appli -More-
- Commentary: Time to be proactive about handling data 2025-05-20Traci Gusher of accounting/consulting company EY emphasizes the need for organizations to adopt a proactive data governance s -More-
- Compliance fatigue challenges financial institutions 2025-05-20UK financial institutions are facing compliance fatigue as they struggle to keep up with an increasing number of regulations, -More-
- Survey: AI deployments expected to go autonomous 2025-05-20Over half of AI deployments will be autonomous in the next two years, according to a survey of tech executives by EY. -More-
- CISOs face security challenges in cloud environments 2025-05-20Nick Godfrey, senior director and head of the Office of the CISO at Google Cloud, discusses the challenges posed by digital t -More-
- Mozilla patches 2 Firefox zero-day vulnerabilities 2025-05-20Mozilla has released security patches for Firefox to address a pair of critical zero-day vulnerabilities. -More-
- AI hallucinations can pose cybersecurity risks 2025-05-20AI systems can produce hallucinations, or outputs that are inaccurate or misleading, posing risks to cybersecurity operations -More-
