Category: Insights

MS-ISAC NOTICE NUMBER: 2025-099 ISSUE DATE(S): 10/24/2025 PREVIEW: A vulnerability has been discovered in Microsoft Windows Server Update Services (WSUS) that could allow remote code execution. WSUS is a tool that helps organizations manage and distribute Microsoft updates across multiple computers. Instead of each PC downloading updates from Microsoft’s servers, WSUS downloads updates and stores…

Continue Reading

MS-ISAC NOTICE NUMBER: 2025-095 ISSUE DATE(S): 14/10/2025 PREVIEW: Several vulnerabilities have been discovered in Ivanti products, the most serious of which could allow remote code execution. Successful exploitation of the most severe of these vulnerabilities could allow remote code execution within the context of the system. Ivanti Endpoint Manager is a client-based unified endpoint management…

Continue Reading

MS-ISAC consultancy number: 2025-092 Published date (s): 09/30/2025 PREVIEW: Several vulnerabilities have been discovered in VMware Aria operations and VMware tools, the most serious of which could allow the climbing of the privileges of rooting. VMWARE ARIA is a multi-cloud management platform that provides automation, operations and cost management for applications and infrastructure in private,…

Continue Reading

MS-ISAC NOTICE NUMBER: 2025-091 ISSUE DATE(S): 09/25/2025 PREVIEW: Several vulnerabilities have been discovered in Cisco products, the most serious of which could allow remote code execution. Cisco is a leading technology company known for its networking hardware and software, such as routers and switches, that form the backbone of the Internet and business networks. Successful…

Continue Reading

MS-ISAC consultancy number: 2025-088 Published date (s): 09/19/2025 PREVIEW: Vulnerability has been discovered in the transfer of files managed by GoanyWhere (MFT) which could allow order injection. The transfer of GoanyWhere Managed files (MFT) is a business level software solution to automate, manage and safely monitor all organizational file transfers, whether they are server-server or…

Continue Reading

MS-ISAC consultancy number: 2025-080 Published date (s): 03/09/2025 PREVIEW: Several vulnerabilities have been discovered in Google Chrome, the most serious of which could allow arbitrary code execution. The successful exploitation of the most serious of these vulnerabilities could allow arbitrary execution of code in the context of the connected user. According to the privileges associated…

Continue Reading

MS-ISAC consultancy number: 2025-079 Published date (s): 08/27/2025 PREVIEW: Several vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway, which could allow the execution of remote code. NetScaler ADC is a networking product that works as an application delivery controller (ADC), a tool that optimizes, secures and ensures the reliable availability of applications for…

Continue Reading

Several vulnerabilities have been discovered in Cisco Security Products, the most serious of which could allow arbitrary execution of code. The details of the vulnerabilities are as follows: Tactical:: Initial access (TA0001): Technical:: Operate the public oriented application (T1190): Vulnerability in the implementation of the Radius subsystem of Cisco Secure Firewall Management Center (FMC) software…

Continue Reading

The CISA published seven reviews of industrial control systems (ICS) on August 12, 2025. These opinions provide timely information on current security problems, vulnerabilities and exploits surrounding integrated circuits. ICSA-25-224-01 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share ICSA-25-224-02 Johnson Istar Ultra, Istar Ultra SE, Istar Ultra G2, Istar Ultra G2 SE, Istar Edge G2 ICSA-25-224-03…

Continue Reading