Nozomi authorized to assign CVEs in the area of OT & IoT vulnerabilities

Nozomi Networks News

Nozomi Networks has been certified to be a CVE numbering authority, the first OT & IoT security specialist to join the globally recognized program according to a company announcement.

Nozomi Networks Inc. today announced it has been recognized by the CVE Program as an authorized CVE Numbering Authority (CNA), assigning CVEs in the area of OT & IoT vulnerabilities. The CVE Program is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE. It is the de facto international standard for identifying and naming cybersecurity vulnerabilities. Nozomi Networks joins an elite group of 136 CNA organizations spanning 24 countries and is the first OT & IoT security specialist to join the program.

“We are pleased to grant Nozomi Networks CVE Numbering authority,” said Scott Lawler, CEO LP3 and CVE Board Member said in a press release. “In addition to a deep commitment to ensuring the security of their own products, a team of researchers in Nozomi Networks Labs also works to identify vulnerabilities in other industrial equipment and software. Nozomi Networks leads their industry in the number of responsible disclosures made to the United States ICS-CERT. They’ve consistently demonstrated a high level of professionalism and expertise in helping impacted customers and vendors quickly address identified vulnerabilities. Their specialized expertise in OT and IoT cybersecurity and the processes they have established to ensure the cybersecurity of their own products make them a valued member of the CNA team.”

As a CNA, Nozomi Networks can now assign CVE numbers to newly identified vulnerabilities and publicly disclose information about these vulnerabilities. This includes assigning CVE numbers to vulnerabilities found in the company’s own products as well as third-party automation and industrial products not covered by another CNA.

Malware, vulnerabilities targeting OT systems surge

Increasing threats of vulnerabilities are steadily rising, particularly in sensitive areas such as OT systems and network devices, putting vital infrastructure at risk, according to data released by Skybox Research

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on whatsapp


Join over 5,000 Industrial OT & Cyber professionals

Weekly Newsletter direct to your inbox