Security Bulletin

In 2021, Cisco announced our partnership with SFI, a nonprofit that supports students attending minority-serving institutions. Our inaugural work with HBCUs created a blueprint that is now expanding to other minority-serving institutions, and LCOOU...

Cisco Foundation grant partner Vibrant Planet Data Commons uses science, data, and Tribal Forestry to reduce the risk of wildfires.

Cisco Networking Academy works with partners who specialize in providing education for people with disabilities to develop IT skills, powering an inclusive future for all.

ownCloud has disclosed three critical vulnerabilities, the most serious of which leads to sensitive data exposure and carries a maximum severity score.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: STARDOM FCN/FCJ Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this...

CISA released four Industrial Control Systems (ICS) advisories on November 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-334-01 Delta Electronics DOPSoft...

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-6345 Google Skia Integer Overflow Vulnerability CVE-2023-49103 ownCloud graphapi Information Disclosure...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: KEPServerEX, ThingWorx, OPC-Aggregator Vulnerabilities: Heap-based Buffer Overflow, Improper Validation of Certificate with Host...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Products Vulnerability: External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of...

CISA has assisted a researcher with coordinating the disclosure of multiple researcher-discovered vulnerabilities affecting web-based case and document management systems used by multiple state, county, and municipal courts. Affected systems include...

AI-enhanced social media attacks are on the rise – that’s why security teams must foster a culture of continuous awareness training and adaptive defenses.