Security

Serial number:AV25-548
Date:August 27, 2025

On August 27, 2025, Drupal published security advisories to address vulnerabilities in the following products:

• API Key manager – all versions
• Authenticator Login – versions prior to 2.1.8
• Facets – versions prior to 2.0.10, version 3.0.0 to versions prior to 3.0.1
• Owl Carousel 2 – all versions
• Protected Pages – version 1.8.0
• Synchronize composer.json with Contrib Modules – all versions

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates or perform the suggested mitigations.

• Drupal Security Advisories

Serial number:AV25-547
Date:August 27, 2025

On August 27, 2025, Cisco published security advisories to address vulnerabilities in the following products:

• Cisco UCS 6300 Series Fabric Interconnects
• Cisco Catalyst 8300 Series Edge uCPE
• Cisco UCS Manager Software
• Cisco UCS B-Series Blade Servers
• Cisco UCS C-Series M6, M7, and M8 Rack Servers
• Cisco UCS E-Series Servers M6
• Cisco UCS X-Series Modular System
• Cisco MDS 9000 Series Multilayer Switches
• Cisco Nexus 1000 Virtual Edge for VMware vSphere
• Cisco Nexus 3000 Series Switches
• Cisco Nexus 5500 Platform Switches
• Cisco Nexus 5600 Platform Switches
• Cisco Nexus 6000 Series Switches
• Cisco Nexus 7000 Series Switches
• Cisco Nexus 9000 Series Fabric Switches in ACI mode
• Cisco Nexus 9000 Series Switches in standalone NX-OS mode
• Cisco UCS 6400 Series Fabric Interconnects
• Cisco UCS 6500 Series Fabric Interconnects
• Cisco UCS X-Series Direct Fabric Interconnect 9108 100G
• Cisco Nexus Dashboard 3.2 and earlier
• Cisco Nexus Dashboard 4.1
• Cisco Nexus Dashboard Fabric Controller (NDFC)

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

• Cisco Security Advisories

Number: AL25-011
Date: August 27, 2025

Audience

This Alert is intended for IT professionals and managers of notified organizations.

Purpose

An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.

Details

On August 26, 2025, Citrix published security advisories for critical vulnerabilities, CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424, affecting the following products^Footnote1:

• NetScaler ADC and NetScaler Gateway 14.1 – versions prior to 14.1-47.48
• NetScaler ADC and NetScaler Gateway 13.1 – versions prior to 13.1-59.22
• NetScaler ADC 13.1-FIPS and NDcPP – versions prior to 13.1-37.241-FIPS and NDcPP
• NetScaler ADC 12.1-FIPS and NDcPP – versions prior to 12.1-55.330-FIPS and NDcPP

CVE-2025-7775 is a memory overflow vulnerability that could lead to remote code execution and/or a denial of service in NetScaler ADC and NetScaler Gateway.

Further information about the impacted configurations of your appliance can be found in the Citrix advisory^Footnote1.

CVE-2025-7776 is a memory overflow vulnerability leading to unpredictable or erroneous behaviour and Denial of Service when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it^Footnote1.

CVE-2025-8424 is an improper access control vulnerability on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access ^Footnote1.

Secure Private Access on-prem or Secure Private Access Hybrid deployments using NetScaler instances are also affected by these vulnerabilities.

NetScaler ADC and NetScaler Gateway versions 12.1 and 13.0 are now End-Of-Life (EOL) and no longer supported^Footnote1.

Citrix reports that exploitation of CVE-2025-7775 against unmitigated appliances has been observed^Footnote1.

In response to these vulnerabilities, the Cyber Centre released AV25-543 on August 26^Footnote2. CISA added CVE-2025-7775 to their Known Exploited Vulnerabilities (KEV) catalog^Footnote3 on August 26, 2025.

The Cyber Centre is aware of online interest and speculation about these vulnerabilities and is publishing this Alert out of an abundance of caution.

Suggested actions

The Cyber Centre strongly recommends that organizations using Citrix NetScaler ADC and NetScaler Gateway appliances review the Citrix security bulletins^Footnote1 and update or upgrade the affected systems to the following versions:

• NetScaler ADC and NetScaler Gateway 14.1-47.48 and later releases
• NetScaler ADC and NetScaler Gateway 13.1-59.22 and later releases of 13.1
• NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.241 and later releases of 13.1-FIPS and 13.1-NDcPP
• NetScaler ADC 12.1-FIPS and 12.1-NDcPP 12.1-55.330 and later releases of 12.1-FIPS and 12.1-NDcPP

In addition, the Cyber Centre strongly recommends that organizations review and implement the Cyber Centre's Top 10 IT Security Actions^Footnote4 as well as reviewing the Protecting your organization against denial-of-service attacks guidance^Footnote5.

If activity matching the content of this alert is discovered, recipients are encouraged to report via the My Cyber Portal, or email contact@cyber.gc.ca.

References

Serial number:AV25-546
Date:August 27, 2025

On August 20, 2025, Docker published a security advisory to address a vulnerability in the following product:

• Docker Desktop – versions prior to 4.44.3

Open-source reporting has indicated that proof-of-concept exploit code exists for the vulnerability CVE-2025-9074.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Docker Desktop release notes

Serial number:AV25-545
Date:August 26, 2025

On August 26, 2025, Google published security advisories to address a vulnerability in the following products:

• Stable Channel Chrome for Desktop – versions prior to 139.0.7258.154/.155 (Windows/Mac) and 139.0.7258.154 (Linux)

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.

• Google Chrome Security Advisory

Serial number:AV25-544
Date:August 26, 2025

On August 26, 2025, HPE published a security advisory to address vulnerabilities in the following product:

• HPE Compute Scale-up Server 3200 – versions prior to v1.60.88

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• HPESBHF04911 rev.1 - HPE Compute Scale-up Server 3200 Platform Servers using Certain Intel Processors, INTEL-SA-01313, 2025.3 IPU, Intel Xeon Processor Firmware Advisory, Multiple Vulnerabilities
• HPE Security Bulletin Library