Colleagues, The CVE Program is happy to announce six (6) new CNAs:
Organization Name: cirosec GmbH Org Short Name: cirosec Organization Location: Germany Scope: Vulnerabilities discovered by or reported to cirosec researchers that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://www.cirosec.de/unternehmen/impressum/cirosec-responsible-disclosure-policy Advisory location: http://www.cirosec.de/unternehmen/unsere-kompetenzen/vulnerability-research Public point of contact: cve-requ...@cirosec.de<mailto:cve-requ...@cirosec.de> CNA Type: Researcher Organization Name: Microchip Technology Org Short Name: Microchip Organization Location: USA Scope: Microchip Technology products only. Top-Level Root: MITRE Disclosure Policy location: https://microchip.com/psirt Advisory location: https://microchip.com/psirt Public point of contact: ps...@microchip.com<mailto:ps...@microchip.com> CNA Type: Vendor Organization Name: N-able Org Short Name: N-able Organization Location: USA Scope: N-able branded products and technologies only. Top-Level Root: MITRE Disclosure Policy location: https://www.n-able.com/security-and-privacy/vulnerability-disclosure-policy Advisory location: https://me.n-able.com/s/global-search/%40uri#t=All&sort=relevancy&f:@repositorytype=[Security_Advisory] Public point of contact: ps...@n-able.com<mailto:ps...@n-able.com> CNA Type: Vendor Organization Name: OpenSource Security GmbH Org Short Name: OS-S Organization Location: Germany Scope: Vulnerabilities discovered by or reported to OpenSource Security, unless covered by another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://os-s.net/en/research/responsible-disclosure/ Advisory location: https://os-s.net/en/publications/ Public point of contact: productsecur...@jamf.com<mailto:productsecur...@jamf.com> CNA Type: Researcher Organization Name: Tego Cyber, Inc. Org Short Name: Tego_Cyber Organization Location: USA Scope: Tego Cyber issues and vulnerabilities discovered by Tego in third-party products, unless covered under the scope of another CNA. Top-Level Root: MITRE Disclosure Policy location: https://tegocyber.com/security/vulnerability-disclosure Advisory location: https://tegocyber.com/security/security-advisories Public point of contact: c...@tegocyber.com<mailto:c...@tegocyber.com> CNA Type: Vendor, Researcher Organization Name: TXOne Networks, Inc. Org Short Name: TXOne Organization Location: Taiwan Scope: Vulnerabilities in TXOne Networks products, including end-of-life products, or third-party operational technology (OT) and industrial control systems (ICS) products, unless covered by the scope of another CNA. Root: CISA ICS Top-Level Root: CISA Disclosure Policy location: https://www.txone.com/psirt/disclosure-policy/ Advisory location: https://www.txone.com/psirt/advisories/ Public point of contact: secur...@txone.com<mailto:secur...@txone.com> CNA Type: Vendor, Researcher Total CNAs: 376 CNAs (374 CNAs and 2 CNA-LRs) Total Countries: 40 (+ 1 no country affiliation) Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]
