Colleagues, The CVE Program is happy to announce seven (7) new CNAs: Organization Name: Automox Inc. Org Short Name: Automox Organization Location: USA Scope: All products created by Automox. Top-Level Root: MITRE Disclosure Policy location: https://www.automox.com/platform/security/responsible-disclosure Advisory location: https://www.automox.com/platform/security/security-bulletin Public point of contact: disclosu...@automox.com<mailto:disclosu...@automox.com> CNA Type: Vendor, Hosted Service Organization Name: Bizerba SE & Co. KG Org Short Name: bizerba Organization Location: Germany Scope: Bizerba products only. Top-Level Root: MITRE Disclosure Policy location: https://www.bizerba.com/int/en/family-owned-and-operated-company-since-1866/corporate-governance-acting-responsibly-globally/security-policy Advisory location: https://www.bizerba.com/us/en/family-owned-and-operated-company-since-1866/corporate-governance-acting-responsibly-globally/bizerba-security-information Public point of contact: secur...@bizerba.com<mailto:secur...@bizerba.com> CNA Type: Vendor Organization Name: Cepheid Org Short Name: CEP Organization Location: USA Scope: Cepheid products. Root: CISA ICS Top-Level Root: CISA Disclosure Policy location: https://www.cepheid.com/en-US/legal/product-security.html Advisory location: https://www.cepheid.com/en-US/legal/product-security/product-security-updates.html Public point of contact: productsecur...@cepheid.com<mailto:productsecur...@cepheid.com> CNA Type: Vendor Organization Name: Delinea, Inc. Org Short Name: Delinea Organization Location: USA Scope: Vulnerabilities in Delinea products or services listed on delinea.com, or vulnerabilities in third-party products or services discovered by or reported to Delinea, unless covered by the scope of another CNA. Top-Level Root: MITRE Disclosure Policy location: https://trust.delinea.com/?itemUid=56583ca0-6561-4cf3-a150-8c0c45d214cf Advisory location: https://trust.delinea.com/ Public point of contact: secur...@delinea.com<mailto:secur...@delinea.com> CNA Type: Vendor, Hosted Service, Researcher Organization Name: iManage LLC Org Short Name: iManage Organization Location: USA Scope: iManage issues only. Top-Level Root: MITRE Disclosure Policy location: https://docs.imanage.com/security/Vulnerability_Disclosure_Policy.html Advisory location: https://docs.imanage.com/security/Security_Vulnerabilities.html Public point of contact: productvulnerabil...@imanage.com<mailto:productvulnerabil...@imanage.com> CNA Type: Vendor Organization Name: Roche Diagnostics Org Short Name: Roche Organization Location: Switzerland Scope: Roche’s medical technology products. Root: CISA ICS Top-Level Root: CISA Disclosure Policy location: https://diagnostics.roche.com/global/en/legal/vulnerability-and-incident-handling-policy.html Advisory location: https://diagnostics.roche.com/global/en/legal/vulnerability-and-incident-handling-policy.html Public point of contact: product.secur...@roche.com<mailto:product.secur...@roche.com> CNA Type: Vendor Organization Name: S21sec Cyber Solutions by Thales Org Short Name: S21sec Organization Location: Spain Scope: Vulnerabilities discovered by S21sec that are not within another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://www.s21sec.com/CVEdisclosurepolicy/ Advisory location: https://www.s21sec.com/CVElist/ Public point of contact: cve-coordinat...@s21sec.com<mailto:cve-coordinat...@s21sec.com> CNA Type: Researcher Total CNAs: 432 CNAs (430 CNAs and 2 CNA-LRs) Total Countries: 40 (+ 1 no country affiliation)
Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]
