Sales

Serial number:AV25-422
Date:July 14, 2025

Between July 9 and 11, 2025, VMware published security advisories to address vulnerabilities in the following products:

• VMware Tanzu Greenplum – version 7.5.0
• VMware Tanzu GemFire – version 9.15.16
• VMware Tanzu Greenplum – version 6.30.0
• VMware Tanzu for Valkey – version 8.1.2
• VMware Tanzu for Postgres on Kubernetes – version 4.2.1

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• Security Advisories – TNZ-2025-0031
• Security Advisories – TNZ-2025-0042
• Security Advisories – TNZ-2025-0043
• Security Advisories – TNZ-2025-0044
• Security Advisories – TNZ-2025-0045
• Security Advisories – Tanzu

Serial number:AV25-406
Date: July 8, 2025

On July 8, 2025, Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• FortiAnalyzer – multiple versions
• FortiAnalyzer Cloud – multiple versions
• FortiIsolator – multiple versions
• FortiManager – multiple versions
• FortiManager Cloud – multiple versions
• FortiOS 7.6 – versions 7.6.0 to 7.6.1
• FortiOS 7.4 – versions 7.4.0 to 7.4.7
• FortiOS 7.2 – versions 7.2.0 to 7.2.11
• FortiOS 7.0 – versions 7.0.1 to 7.0.16
• FortiProxy 7.6 – versions 7.6.0 to 7.6.1
• FortiProxy 7.4 – versions 7.4.0 to 7.4.8
• FortiProxy 7.2 – versions 7.2.0 to 7.2.13
• FortiProxy 7.0 – versions 7.0.0 to 7.0.20
• FortiSandbox – multiple versions
• FortiVoice 6.4 – versions 6.4.0 to 6.4.10
• FortiVoice 7.0 – versions 7.0.0 to 7.0.6
• FortiVoice 7.2 – versions 7.2.0
• FortiWeb – multiple versions

Update 1

CVE-2025-25257: Unauthenticated SQL injection in GUI affecting:

• FortiWeb 7.6 – versions 7.6.0 to 7.6.3
• FortiWeb 7.4 – versions 7.4.0 to 7.4.7
• FortiWeb 7.2 – versions 7.2.0 to 7.2.10
• FortiWeb 7.0 – versions 7.0.0 to 7.0.10

• Fortinet PSIRT – FG-IR-25-151
   

  The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

  • Fortinet PSIRT Advisories

Serial number:AV25-421
Date:July 14, 2025

Between July 7 and 13, 2025, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat CodeReady Linux Builder – multiple versions and platforms
• Red Hat Enterprise Linux – multiple versions and platforms
• Red Hat Enterprise Linux Server – multiple versions and platforms
• Red Hat Enterprise Linux Server for Power LE – multiple versions

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Red Hat Security Advisories

Serial number:AV25-420
Date:July 14, 2025

Between July 7 and 13, 2025, CISA published ICS advisories to address vulnerabilities in the following products:

• Advantech iView – versions prior to 5.7.05 build 7057
• Delta Electronics DTM Soft – versions 1.6.0.0 and prior
• Emerson ValveLink DTM – versions prior to ValveLink 14.0
• Emerson ValveLink PRM – versions versions prior to ValveLink 14.0
• Emerson ValveLink SNAP-ON – versions prior to ValveLink 14.0
• Emerson ValveLink SOLO – versions prior to ValveLink 14.0
• End-of-Train and Head-of-Train remote linking protocol – all versions
• KUNBUS Revolution Pi OS Bullseye – version 02/2024
• KUNBUS Revolution Pi OS Bullseye – version 04/2024
• KUNBUS Revolution Pi OS Bullseye – version 06/2023
• KUNBUS Revolution Pi OS Bullseye – version 07/2023
• KUNBUS Revolution Pi OS Bullseye – version 09/2023
• KUNBUS Revolution Pi Webstatus – versions 2.4.5 and prior
• Siemens SIMATIC CN 4100 – versions prior to V4.0
• Siemens SINEC NMS – version prior to V4.0
• Siemens SIPROTEC 5 – multiple versions and models
• Siemens Solid Edge SE2025 – version prior to V225.0 Update 5
• Siemens TIA Administrator – versions prior to V3.0.6
• Siemens TIA Project-Server V17 – all versions
• Siemens TIA Project-Server – versions prior to V2.1.1
• Siemens Totally Integrated Automation Portal (TIA Portal) V17 – all versions
• Siemens Totally Integrated Automation Portal (TIA Portal) V18 – all versions
• Siemens Totally Integrated Automation Portal (TIA Portal) V19 – all versions
• Siemens Totally Integrated Automation Portal (TIA Portal) V20 – versions prior to V20 Update 3

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

• CISA ICS Advisories

Serial number:AV25-419
Date:July 14, 2025

Between July 7 and 13, 2025, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 14.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 18.04 LTS
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 24.04 LTS
• Ubuntu 24.10
• Ubuntu 25.04

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Ubuntu Security Notices

Serial number:AV25-418
Date:July 14, 2025

Between July 7 and 13, 2025, Dell published security advisories to address vulnerabilities in the following products:

• Dell PowerFlex Manager – version 4.6.2 and prior
• Dell UCC Edge – versions prior to 3.0.1

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Dell Security Advisories – DSA-2025-279
• Dell Security Advisories – DSA-2025-180
• Dell Security advisories and notices