Remote Help

Serial number:AV25-559
Date:September 2, 2025

On August 29, 2025, WhatsApp published a security bulletin to address a vulnerability in the following products:

• WhatsApp for IoS – versions prior to v2.25.21.73
• WhatsApp Business for IoS – versions prior to v2.25.21.78
• WhatsApp for MAC – versions prior to v2.25.21.78

The advisory publisher referenced CVE-2025-43300 which Apple has indicated may have been exploited.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• WhatsApp Security Advisories

Serial number:AV25-558
Date:September 2, 2025

Between August 25 and 31, 2025, Dell published security advisories to address vulnerabilities in the following products:

• Dell Avamar Data Store Ge5A – versions prior to 2.24.0
• Dell Avamar Data Store Ge5A – versions prior to 7.00.00.181
• Dell ObjectScale – versions prior to 4.1.0.0
• Dell Networking Products – multiple models and versions
• Dell NetWorker Runtime Environment (NRE) – versions prior to 17.0.2
• Dell Private Cloud VMWare – versions prior to 01.01.00.00

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Dell Security advisories and notices

Serial number:AV25-557
Date:September 2, 2025

Between August 25 and 31, 2025, IBM published security advisories to address vulnerabilities in multiple products.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• IBM Product Security Incident Response

Serial number:AV25-556
Date:September 2, 2025

On September 1, 2025, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Qualcomm Security Bulletin – September

Serial number:AV25-555
Date:September 2, 2025

On August 28, 2025, HashiCorp published a security bulletin to address vulnerabilities in the following products:

• Vault Community – versions 1.15.0 to 1.20.2, 1.19.8, 1.18.13 and 1.16.24
• Vault Enterprise – versions 1.15.0 to 1.20.2, 1.19.8, 1.18.13 and 1.16.24

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• HCSEC-2025-24 - Vault Denial of Service Though Complex JSON Payloads

Serial number:AV25-554
Date:September 2, 2025

Between August 25 and 31, 2025, CISA published ICS advisories to highlight vulnerabilities in the following products:

• Delta Electronics COMMGR - versions v2.9.0 and prior
• Delta Electronics CNCSoft-G2 - versions v2.1.0.20 and prior
• GE Vernova CIMPLICITY – versions 2024, 2023, 2022, 11.0
• INVT HMITool – version 7.1.011
• INVT VT-Designer – version 2.1.13
• Mitsubishi Electric MELSEC iQ-F Series CPU Module – multiple models and versions
• Schneider Electric Modicon M340 Controller and Communication Modules – multiple models and versions
• Schneider Electric Saitel DR Remote Terminal Unit – versions 11.06.29 and prior
• Schneider Electric Saitel DP Remote Terminal Unit – versions 11.06.34 and prior

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

• CISA ICS Advisories