Colleagues, The CVE Program is happy to announce three (3) new CNAs: Organization Name: National Cyber Security Centre Finland Org Short Name: NCSC-FI Organization Location: Finland Scope: Vulnerabilities in software discovered by NCSC-FI, and vulnerabilities reported to NCSC-FI for coordinated disclosure, which are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/haavoittuvuudet-miten-niista-ilmoitetaan-oikein (Finnish), https://www.kyberturvallisuuskeskus.fi/en/our-services/situation-awareness-and-network-management/vulnerability-coordination (English) Advisory location: https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuudet (Finnish), https://www.kyberturvallisuuskeskus.fi/en/haavoittuvuudet (English) Public point of contact: vulnco...@ncsc.fi<mailto:vulnco...@ncsc.fi> CNA Type: CERT Organization Name: Samsung TV & Appliance Org Short Name: samsung.tv_appliance Organization Location: South Korea Scope: Samsung TV & Appliance products, Samsung-owned open-source projects listed on https://github.com/Samsung/, as well as vulnerabilities in third-party software discovered by Samsung that are not in another CNA’s scope. Vulnerabilities affecting end-of-life/end-of-service products are in scope. The following categories of Samsung Products are in scope: Internet-connected home appliances, B2C product (smart TV, smart monitor, soundbar, and projector), and B2B products (digital signage, interactive display, and kiosk). Top-Level Root: MITRE Disclosure Policy location: https://securityreport.samsung.com/#DisclosurePolicy Advisory location: https://samsungtvbounty.com/securityUpdates Public point of contact: ps...@samsung.com<mailto:ps...@samsung.com> CNA Type: Vendor, Open Source, Researcher Organization Name: Security Risk Advisors Org Short Name: SRA Organization Location: USA Scope: Vulnerabilities discovered by SRA that are not within the scope of another CNA. Top-Level Root: CISA ICS Disclosure Policy location: https://sra.io/disclosure-policy/ Advisory location: https://sra.io/advisories/ Public point of contact: advisor...@sra.io<mailto:advisor...@sra.io> CNA Type: Researcher
Total Partners: 298 Total Countries: 36 Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]