CISA to oversee CVE numbering authorities for industrial control systems and medical devices

21 September 2020

The Common Vulnerabilities and Exposures (CVE®) Program announced it is granting authority to the Cybersecurity and Infrastructure Security Agency (CISA) for managing the assignment of CVE Identifiers (IDs) for the CVE Program.

CISA, which sponsors the CVE Program, is now also designated a Top-Level Root CVE Numbering Authority for industrial control systems (ICS) and medical device vendors participating as CVE Numbering Authorities (CNA). CNAs are organizations authorized to assign CVE IDs for vulnerabilities affecting products within a distinct scope. A Top-Level Root CNA, such as CISA, manages a group of CNAs within a given domain or community and may assign CVE IDs to vulnerabilities.

Read full article on Security Magazine

Date:

21 September 2020

Categorie(s):

NEWS

Tag(s):

CISA, CVE, IT, News

Phishing Scams in the Gaming Community20 April 2024
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks20 April 2024
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack20 April 2024
How APIs Help To Improve Your Customers’ Experience [5 Tips]20 April 2024
Essential Cyber Security Plan for Small Business20 April 2024