Serial number:AV25-384
Date:June 30, 2025

Between June 23 and 29, 2025, Dell published security advisories to address vulnerabilities for the following products:

• iDRAC10 – versions prior to 1.20.50.50
• NetWorker – versions 19.12 to 19.12.0.1 and versions prior to 19.11.0.5
• Dell Open Manage Network Integration – versions prior to 3.7
• Dell PowerMax EEM 5978 – versions prior to 5978.714.714.10730
• Dell PowerMax EEM 10.2.0.1 – versions prior to 10.2.01 Patch 10732
• Dell PowerMaxOS 5978 – versions prior to 5978.714.714.10730
• Dell PowerMax OS 10.2.0.1 – versions prior to 10.2.0.1 Patch 10732
• PowerProtect Cyber Recovery – versions prior to 19.20
• Dell Secure Connect Gateway - Appliance – versions prior to 5.30.0.14
• Solutions Enabler – versions prior to 9.2.4.11 and versions prior to 10.2.0.5
• Dell Storage Monitoring and Reporting – versions prior to 5.1.1.0
• Dell Storage Resource Manager (SRM) – versions prior to 5.1.1.0
• Unisphere for PowerMax – versions prior to 9.2.4.17 and versions prior to 10.2.0.12
• Unisphere 360 – versions prior to 9.2.4.37

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Dell Security advisories and notices

Serial number:AV25-383
Date:June 30, 2025

Between June 23 and 29, 2025, IBM published security advisories to address vulnerabilities in multiple products.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• IBM Product Security Incident Response

Serial number:AV25-382
Date:June 30, 2025

Between June 23 and 29, 2025, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 25.04
• Ubuntu 24.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 20.04 LTS

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Ubuntu Security Notices

Serial number:AV25-381
Date:June 30, 2025

Between June 23 and 29, 2025, CISA published ICS advisories to address vulnerabilities in the following products:

• ControlID iDSecure On-premises – version 4.7.48.0 and prior
• Delta Electronics CNCSoft – version v1.01.34 and prior
• Kaleris Navis N4 – versions prior to 4.0
• MICROSENS NMP WEB+ – version 3.2.5 and prior
• Mitsubishi Electric Air conditioning systems – multiple versions and models
• Parsons Utility Enterprise Data Management – versions 5.18, 5.03, 3.30, and versions 4.02 to 4.26
• Parsons AclaraONE Utility Portal – versions prior to 1.22
• Schneider Electric EVLink WallBox – all versions
• Schneider Electric Modicon Controllers M241 – versions prior to 5.3.12.51
• Schneider Electric Modicon Controllers M251 – versions prior to 5.3.12.51
• Schneider Electric Modicon Controllers M262 – versions prior to 5.3.9.18
• Schneider Electric Modicon Controllers M258 – all versions
• Schneider Electric Modicon Controllers LMC058 – all versions
• TrendMakers Sight Bulb Pro Firmware ZJ_CG32-2201 – version 8.57.83 and prior

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

• CISA ICS Advisories

Serial number:AV25-380
Date:June 27, 2025

On June 26, 2025, MongoDB published a security advisory to address a vulnerability in the following products:

• MongoDB Server v6.0 – versions prior to 6.0.21
• MongoDB Server v7.0 – versions prior to 7.0.17
• MongoDB Server v8.0 – versions prior to 8.0.5

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Pre-auth denial of service when accepting OIDC authentication

Serial number:AV25-379
Date:June 27, 2025

On June 26, 2025, VMware published a security advisory to address a vulnerability in the following product:

• RabbitMQ – version 3.13.7 and prior

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• Security Advisories – TNZ-2025-0041
• Security Advisories – Tanzu

Serial number:AV25-378
Date:June 27, 2025

On June 26, 2025, Microsoft published a security update to address vulnerabilities in the following product:

• Microsoft Edge Stable Channel – versions prior to 138.0.3351.55

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.

• Microsoft Edge Stable Channel Release Notes

Number: AL25-008
Date: June 26, 2025

Audience

This Alert is intended for IT professionals and managers of notified organizations.

Purpose

An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.

Details

On June 17 and 25, 2025, Citrix published security advisories for critical vulnerabilities, CVE-2025-5349, CVE-2025-5777 and CVE-2025-6543, affecting the following products^{Footnote1Footnote2}:

• NetScaler ADC 12.1-FIPS – versions prior to 12.1-55.328-FIPS
• NetScaler ADC and NetScaler Gateway 14.1 – versions prior to 14.1-47.46
• NetScaler ADC and NetScaler Gateway 13.1 – versions prior to 13.1-59.19
• NetScaler ADC 13.1-FIPS and NDcPP – versions prior to 13.1-37.236-FIPS and NDcPP

NetScaler ADC and NetScaler Gateway versions 12.1 and 13.0 are now End-Of-Life (EOL) and are no longer supported.

For CVE-2025-5777 and CVE-2025-6543: NetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server for these vulnerabilities to be exploited.

For CVE-2025-5349: An improper access control configured on NetScaler management interface would lead to an access to NSIP, to Cluster Management IP and to local GSLB Site IP.

Citrix reports that exploitation of CVE-2025-6543 against unmitigated appliances has been observed. In response to these vulnerabilities, the Cyber Centre released AV25-350 on June 17^Footnote3 and AV25-374 on June 25, 2025^Footnote4.

The Cyber Centre is aware of online interest and speculation about these vulnerabilities and is publishing this Alert out of an abundance of caution.

Suggested actions

The Cyber Centre strongly recommends that organizations using Citrix NetScaler ADC and NetScaler Gateway appliances review the Citrix security bulletins^{Footnote1Footnote2} and update or upgrade the affected systems to the following versions:

• NetScaler ADC and NetScaler Gateway 14.1-47.46 and later.
• NetScaler ADC and NetScaler Gateway 13.1-59.19 and later releases of 13.1.
• NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.236 and later releases of 13.1-FIPS and 13.1-NDcPP.

In addition, the Cyber Centre strongly recommends that organizations review and implement the Cyber Centre’s Top 10 IT Security Actions^Footnote5.

If activity matching the content of this alert is discovered, recipients are encouraged to report via the My Cyber Portal, or email contact@cyber.gc.ca.

References

Serial number:AV25-377
Date:June 26, 2025

On June 25, 2025, VMware published security advisories to address vulnerabilities in the following product:

• VMware Tanzu for Postgres – versions 17.4.0, 16.8.0, 15.12.0, 14.17.0, 13.20.0
• VMware Tanzu for Postgres – versions 17.5.0, 16.9.0, 15.13.0, 14.18.0, 13.21.0

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• Security Advisories – TNZ-2025-0039
• Security Advisories – TNZ-2025-0040
• Security Advisories – Tanzu

Serial number:AV25-376
Date:June 25, 2025

On June 25, 2025, Cisco published a security advisory to address vulnerabilities in the following products:

• Cisco ISE and ISE-PIC – versions prior to 3.3
• Cisco ISE and ISE-PIC – versions prior to 3.4

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.

• Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities
• Cisco Security Advisories