Serial number:AV25-708
Date:October 29, 2025
On October 27, 2025, Docker published a security advisory to address a vulnerability in the following product:
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.
Serial number:AV25-707
Date:October 29, 2025
On October 29, 2025, Jenkins published a security advisory to address vulnerabilities in the following products:
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
Number: AL25-016
Date: October 29, 2025
This Alert is intended for Chief Information Security Officers (CISO) and decision makers.
An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.
In recent weeks, the Cyber Centre and the Royal Canadian Mounted Police have received multiple reports of incidents involving internet-accessible ICS. One incident affected a water facility, tampering with water pressure values and resulting in degraded service for its community. Another involved a Canadian oil and gas company, where an Automated Tank Gauge (ATG) was manipulated, triggering false alarms. A third one involved a grain drying silo on a Canadian farm, where temperature and humidity levels were manipulated, resulting in potentially unsafe conditions if not caught on time.
While individual organizations may not be direct targets of adversaries, they may become victims of opportunity as hacktivists are increasingly exploiting internet-accessible ICS devices to gain media attention, discredit organizations, and undermine Canada's reputation.
Exposed ICS components, including Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), Human-Machine Interfaces (HMIs), Supervisory Control and Data Acquisition (SCADA) systems, Safety Instrumented Systems (SIS), Building Management Systems (BMS), and Industrial Internet of Things (IIoT) devices, pose significant risks to organizations, their clients, and the broader Canadian public.
Unclear division of roles and responsibilities often creates gaps leaving critical systems unprotected. Effective communication and collaboration are essential to ensuring safety and security.
Provincial and territorial governments are encouraged to coordinate with municipalities and organizations within their jurisdictions to ensure all services are properly inventoried, documented, and protected. This is especially true for sectors where regulatory oversight does not cover cyber security, such as Water, Food, or Manufacturing.
Municipalities and organizations should work closely with their service providers to ensure that managed services are implemented securely, maintained throughout their lifecycle and based on clearly defined requirements. Vendor recommendations and guidelines should be followed to secure devices and services from deployment through decommissioning. Cyber Centre guidance referenced below can greatly assist organizations in providing frameworks for securing these systems. The Cyber Security Readiness Goals (CRGs)Footnote1 are a recommended minimum set of cyber security practices an organization can take to bolster their cyber security posture.
Organizations are advised to conduct a comprehensive inventory of all internet-accessible ICS devices and assess their necessity. Where possible, alternative solutions—such as Virtual Private Networks (VPNs) with two-factor authentication—should be implemented to avoid direct exposure to the internet.Footnote2Footnote3Footnote4 If such alternatives are not feasible, enhanced monitoring practices should be adopted. This includes active threat detection measures such as Intrusion Prevention Systems (IPS), regular penetration testing, and continuous vulnerability management.Footnote5 Technical measures should thoroughly be tested for compatibility issues and to prevent service degradation.
Additionally, organizations should regularly conduct tabletop exercises to evaluate and improve their response capabilities and help define roles and responsibilities in the event of a cyber incident.
Should activity matching the content of this alert be discovered, recipients are encouraged to report via the My Cyber Portal, or email contact@cyber.gc.ca.
The RCMP supports the Government of Canada's strategy to ensure cyber resiliency for critical infrastructure. Combatting cybercrime requires a whole-of-society approach—one that depends on strong partnerships and coordinated efforts between law enforcement, government agencies, and both the public and private sectors.
In addition to reporting to the Cyber Centre, recipients are encouraged to report to your police of jurisdiction. Early contact allows police to coordinate investigation(s) with your organization's legal team and/or to assist with mitigation actions. Although not every complaint will result in an active criminal investigation, your reporting and cooperation will contribute to efforts by law enforcement to investigate and disrupt cybercriminal activities impacting the safety and security of Canadians.
Serial number:AV25-706
Date:October 29, 2025
On October 28, 2025, Google published a security advisory to address a vulnerability in the following product:
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.
Serial number:AV25-705
Date:October 29, 2025
On October 28, 2025, VMware published security advisories to address vulnerabilities in the following products. Included were critical updates for the following :
The Cyber Centre encourages users and administrators to review the provided web link and perform the suggested mitigations.
Serial number:AV25-704
Date:October 28, 2025
On October 28, 2025, Mozilla published a security advisory to address a vulnerability in the following product:
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.