News

• Posted February 19, 2024
• Cyber Security Alerts
• Technical Advisories

The NCSC would like to draw your attention to two critical zero-day vulnerabilities affecting Microsoft products: CVE-2024-21410 affecting Exchange Server and CVE-2024-21413 affecting Outlook.

• Posted February 09, 2024
• Cyber Security Alerts
• Technical Advisories

The NCSC would like to draw your attention to the vulnerabilities CVE-2024-21762 and CVE-2024-23113 affecting FortiOS SSL VPN. Fortinet is aware of potential exploitation of CVE-2024-21762 in the wild.

• Posted January 11, 2024
• Cyber Security Alerts
• Technical Advisories

This Cyber Security Alert concerns two zero-day CVEs affecting Ivanti Connect Secure. The NCSC is aware of public reporting of the active exploitation in the wild from early December 2023.

• Posted December 15, 2023
• Cyber Security Alerts
• Technical Advisories

This Cyber Security Alert concerns a CVE affecting Apache Struts 2. The NCSC is aware of public reporting of the active exploitation and a proof of concept.

• Posted November 28, 2023
• Cyber Security Alerts
• Technical Advisories

This Cyber Security Alert concerns three high-severity CVEs affecting ownCloud, an open-source software product for sharing and syncing of files in distributed and federated enterprise scenarios.