Remote Help

Serial number:AV25-655
Date:October 10, 2025

On October 9, 2025, ServiceNow published a Security Advisory to address vulnerabilities in the following products:

• ServiceNow Washington DC – multiple versions
• ServiceNow Xanadu – multiple versions
• ServiceNow Yokohama – multiple versions
• ServiceNow Zurich – multiple versions
• ServiceNow Australia – multiple versions

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• CVE-2025-11449 & CVE-2025-11450 - Reflected Cross Site Scripting in ServiceNow AI Platform
• ServiceNow security advisories

Serial number:AV25-654
Date:October 10, 2025

On October 9, 2025, Microsoft published a security update to address vulnerabilities in the following product:

• Microsoft Edge Stable Channel – versions prior to 141.0.3537.71

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.

• Microsoft Edge Stable Channel Release Notes

Serial number:AV25-653
Date:October 10, 2025

On October 9, 2025, Google published a security advisory to address vulnerabilities in the following product:

• Stable Channel Chrome for Desktop – versions prior to 141.0.7390.76/.77 (Windows and Mac) and 141.0.7390.76 (Linux)

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.

• Google Chrome Security Advisory

Serial number:AV25-652
Date:October 9, 2025

On October 6, 2025, Esri published a security advisory to address a critical vulnerability in the following product:

• ArcGIS Server – versions 11.3, 11.4 and 11.5

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• ArcGIS Server Feature Services Security Patch
• Esri Security Advisories

Serial number:AV25-603
Date:September 18, 2025
Update:October 9, 2025

On September 17, 2025, SonicWall published a security incident report describing suspicious activity targeting their cloud backup service for firewalls. Customer firewall preference files stored in the cloud were accessed by threat actors. These files contain information that could make the exploitation of customer firewalls significantly easier.

The vendor is not aware of these files being leaked online by threat actors.

Affected products:

• SonicWall Firewalls with preference files backed up in MySonicWall.com

Update 1

On October 8, 2025, SonicWall confirmed that an unauthorized party accessed firewall configuration backup files for all customers using SonicWall’s cloud backup service.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary mitigations.

• MySonicWall Cloud Backup File Incident
• Essential Credential Reset

Serial number:AV25-651
Date:October 9, 2025

On October 8, 2025, Juniper Networks published security advisories to address vulnerabilities in multiple products.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Juniper Networks Security Advisories