Mission Statement

Serial number:AV25-521
Date:August 15, 2025

On August 14, 2025, VMware published security advisories to address vulnerabilities in the following products:

• VMware Tanzu for Valkey – version 7.2.9
• VMware Tanzu for Valkey – version 8.0.3
• VMware Tanzu for Valkey – version 8.1.2
• VMware Tanzu for Valkey on Kubernetes – version 2.1.0

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• Product Release Advisory - VMware Tanzu for Valkey 7.2.10
• Product Release Advisory - VMware Tanzu for Valkey 8.0.4
• Product Release Advisory - VMware Tanzu for Valkey 8.1.3
• Product Release Advisory - VMware Tanzu for Valkey on Kubernetes 3.0.0
• Security Advisories - VMware Cloud Foundation

Serial number:AV25-520
Date:August 15, 2025

On August 12, 2025, Google published a security advisory to address vulnerabilities in the following products:

• Stable Channel Chrome for Desktop – versions prior to 139.0.7258.127/128 (Windows/Mac) and 139.0.7258.127 (Linux)

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.

• Google Chrome Security Advisory

Serial number:AV25-519
Date:August 15, 2025

On August 14, 2025, Cisco published security advisories to address vulnerabilities in the multiple products.

The Cyber Centre encourages users and administrators to review the web link provided and apply the necessary updates.

• Cisco Security Advisories

Serial number:AV25-518
Date:August 15, 2025

On August 14, 2025, Siemens published advisories to address vulnerabilities in multiple products. Included were updates for the following products:

• Mendix SAML (Mendix 9.24 compatible) – versions prior to V3.6.21
• Mendix SAML (Mendix 10.12 compatible) – versions prior to V4.0.3
• Mendix SAML (Mendix 10.21 compatible) – versions prior to V4.1.2
• Desigo CC family – all versions
• SENTRON Powermanager – all versions

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.

• SSA-395458: Account Hijacking Vulnerability in Mendix SAML Module
• SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager
• Siemens Security Advisories

Serial number:AV25-517
Date:August 14, 2025

On August 14, 2025, N-able published a security advisory to address vulnerabilities in the following product:

• N-central – versions prior to 2025.3.1

On August 13, 2025, CISA added CVE-2025-8875 and CVE-2025-8876 to their Known Exploited Vulnerabilities (KEV) Catalog.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• KEV - CISA Adds Two Known Exploited Vulnerabilities to Catalog
• Announcing the GA of N-central 2025.3.1
• N-able Status

Serial number:AV25-516
Date:August 14, 2025

On August 12, 2025, ServiceNow published a Security Advisory to address a vulnerability in the following products:

• ServiceNow Washington – multiple versions
• ServiceNow Xanadu – multiple versions
• ServiceNow Yokohama – multiple versions
• ServiceNow Zurich – multiple versions

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• CVE-2025-3089 - Broken Access Control in ServiceNow AI Platform
• ServiceNow security advisories