Release notes for update package 1912-5242

This update package improves the detection capabilities of the Forcepoint NGFW system.

RELEASE DATE:    Tuesday August 12, 2025
MD5 CHECKSUM:    ce8ef4d8732f02d4ea5f8a2d95f20d8e
SHA1 CHECKSUM:    4a45765d031becf6ac9696a381032c39ece34197
SHA256 CHECKSUM:    68b9d59c0cf5407e606bf08957a5f8eb580ab17d21de813d7bf7dede62f4ba41


UPDATE CRITICALITY:    HIGH

MINIMUM SOFTWARE VERSIONS
- Forcepoint NGFW Security Management Center:    6.10.1.11125
- Forcepoint NGFW:    6.8.1.24103

List of detected attacks in this update package:

Risk levelDescriptionReferenceVulnerability
High     An attempt to exploit a vulnerability in Microsoft Windows     CVE-2025-53778     Microsoft-Windows-NTLM-Elevation-Of-Privilege-CVE-2025-53778
High     An attempt to exploit a vulnerability in Nvidia Triton Inference Server detected     CVE-2025-23320     Nvidia-Triton-Inference-Server-Information-Disclosure-CVE-2025-23320

Jump to: Detected Attacks Other Changes

DETECTED ATTACKS

New detected attacks:

TCP MSRPC Server Stream

RiskVulnerability/SituationReferencesRelated FingerprintSituation Type
High Microsoft-Windows-NTLM-Elevation-Of-Privilege-CVE-2025-53778 CVE-2025-53778 MSRPC_SS-Microsoft-Windows-NTLM-Elevation-Of-Privilege-CVE-2025-53778 Potential Compromise

Text File Stream

RiskVulnerability/SituationReferencesRelated FingerprintSituation Type
High Nvidia-Triton-Inference-Server-Information-Disclosure-CVE-2025-23320 CVE-2025-23320 File-Text_Nvidia-Triton-Inference-Server-Information-Disclosure-CVE-2025-23320 Suspected Compromise

Updated detected attacks:

HTTP Normalized Request-Line

RiskVulnerability/SituationReferencesRelated FingerprintSituation TypeChange Description
High Wordpress-Core-Avatar-Block-Stored-Cross-Site-Scripting-CVE-2024-4439 CVE-2024-4439 HTTP_CRL-Wordpress-Core-Avatar-Block-Stored-Cross-Site-Scripting-CVE-2024-4439 Suspected Compromise
Fingerprint regexp changed

LIST OF OTHER CHANGES:

New objects:

TypeName
CategoryNvidia Triton Inference Server
CategoryMS2025-08

Updated objects:

TypeNameChanges
IPListRwanda
IPListIraq
IPListSaudi Arabia
IPListCyprus
IPListTanzania
IPListArmenia
IPListKenya
IPListDR Congo
IPListCentral African Republic
IPListSeychelles
IPListLebanon
IPListOman
IPListQatar
IPListBahrain
IPListUnited Arab Emirates
IPListIsrael
IPListTürkiye
IPListSudan
IPListGreece
IPListEstonia
IPListLatvia
IPListAzerbaijan
IPListLithuania
IPListMoldova
IPListBelarus
IPListFinland
IPListUkraine
IPListNorth Macedonia
IPListHungary
IPListBulgaria
IPListAlbania
IPListPoland
IPListRomania
IPListZambia
IPListComoros
IPListLesotho
IPListBotswana
IPListMauritius
IPListEswatini
IPListSouth Africa
IPListMozambique
IPListMadagascar
IPListAfghanistan
IPListPakistan
IPListBangladesh
IPListTurkmenistan
IPListTajikistan
IPListIndia
IPListMyanmar
IPListUzbekistan
IPListKazakhstan
IPListKyrgyzstan
IPListVietnam
IPListThailand
IPListIndonesia
IPListTaiwan
IPListPhilippines
IPListMalaysia
IPListChina
IPListHong Kong
IPListBrunei
IPListMacao
IPListSouth Korea
IPListJapan
IPListNorth Korea
IPListSingapore
IPListTimor-Leste
IPListRussia
IPListMongolia
IPListAustralia
IPListChristmas Island
IPListPapua New Guinea
IPListNew Zealand
IPListCameroon
IPListPortugal
IPListGhana
IPListNigeria
IPListGuinea-Bissau
IPListMauritania
IPListBenin
IPListSierra Leone
IPListGibraltar
IPListChad
IPListTunisia
IPListSpain
IPListMorocco
IPListMalta
IPListDenmark
IPListIceland
IPListUnited Kingdom
IPListSwitzerland
IPListSweden
IPListThe Netherlands
IPListAustria
IPListBelgium
IPListGermany
IPListLuxembourg
IPListIreland
IPListMonaco
IPListFrance
IPListAndorra
IPListLiechtenstein
IPListSlovakia
IPListCzechia
IPListNorway
IPListSan Marino
IPListItaly
IPListSlovenia
IPListMontenegro
IPListCroatia
IPListBosnia and Herzegovina
IPListAngola
IPListGuyana
IPListSuriname
IPListParaguay
IPListUruguay
IPListBrazil
IPListFalkland Islands
IPListJamaica
IPListDominican Republic
IPListAntigua and Barbuda
IPListBelize
IPListEl Salvador
IPListGuatemala
IPListNicaragua
IPListCosta Rica
IPListVenezuela
IPListEcuador
IPListColombia
IPListPanama
IPListHaiti
IPListArgentina
IPListChile
IPListBolivia
IPListPeru
IPListMexico
IPListFrench Polynesia
IPListPuerto Rico
IPListU.S. Virgin Islands
IPListU.S. Outlying Islands
IPListAmerican Samoa
IPListCanada
IPListUnited States
IPListSerbia
IPListAntarctica
IPListTOR exit nodes IP Address List
IPListAmazon AMAZON
IPListAmazon EC2
IPListGoogle Servers
IPListAkamai Servers
IPListMicrosoft Azure datacenter for australiaeast
IPListMicrosoft Azure datacenter for australiasoutheast
IPListMicrosoft Azure datacenter for brazilsouth
IPListMicrosoft Azure datacenter for canadacentral
IPListTOR relay nodes IP Address List
IPListMicrosoft Azure datacenter for canadaeast
IPListMicrosoft Azure datacenter for centralindia
IPListMicrosoft Azure datacenter for centraluseuap
IPListMicrosoft Azure datacenter for centralus
IPListMicrosoft Azure datacenter for eastasia
IPListMicrosoft Azure datacenter for eastus2euap
IPListMicrosoft Azure datacenter for eastus2
IPListMicrosoft Azure datacenter for eastus
IPListMicrosoft Azure datacenter for centralfrance
IPListMicrosoft Azure datacenter for southfrance
IPListMicrosoft Azure datacenter for japaneast
IPListMicrosoft Azure datacenter for japanwest
IPListMicrosoft Azure datacenter for koreacentral
IPListMicrosoft Azure datacenter for koreasouth
IPListMicrosoft Azure datacenter for northcentralus
IPListMicrosoft Azure datacenter for northeurope
IPListMicrosoft Azure datacenter for southcentralus
IPListMicrosoft Azure datacenter for southindia
IPListMicrosoft Azure datacenter for southeastasia
IPListMicrosoft Azure datacenter for uksouth
IPListMicrosoft Azure datacenter for ukwest
IPListMicrosoft Azure datacenter for westcentralus
IPListMicrosoft Azure datacenter for westeurope
IPListMicrosoft Azure datacenter for westindia
IPListMicrosoft Azure datacenter for westus2
IPListMicrosoft Azure datacenter for westus
IPListMicrosoft Azure service for AzureActiveDirectory
IPListMicrosoft Azure datacenter
IPListAmazon AMAZON af-south-1
IPListAmazon EC2 af-south-1
IPListAmazon AMAZON ap-east-1
IPListAmazon EC2 ap-east-1
IPListAmazon AMAZON ap-northeast-1
IPListAmazon EC2 ap-northeast-1
IPListAmazon AMAZON ap-northeast-2
IPListAmazon EC2 ap-northeast-2
IPListBotnet IP Address List
IPListMalicious Site IP Address List
IPListMicrosoft Azure datacenter for malaysiasouth
IPListMicrosoft Azure datacenter for indonesiacentral
IPListAmazon AMAZON ap-southeast-1
IPListAmazon EC2 ap-southeast-1
IPListNordVPN Servers IP Address List
IPListMicrosoft Azure service for AzureSpringCloud
IPListAmazon AMAZON ap-southeast-2
IPListAmazon EC2 ap-southeast-2
IPListAmazon AMAZON eu-central-1
IPListAmazon EC2 eu-central-1
IPListAmazon AMAZON eu-west-1
IPListAmazon EC2 eu-west-1
IPListAmazon AMAZON eu-west-2
IPListAmazon EC2 eu-west-2
IPListAmazon AMAZON me-south-1
IPListAmazon EC2 me-south-1
IPListAmazon AMAZON sa-east-1
IPListAmazon EC2 sa-east-1
IPListAmazon AMAZON us-east-2
IPListAmazon EC2 us-east-2
IPListForcepoint Drop IP Address List
IPListMicrosoft Azure datacenter for australiacentral
IPListMicrosoft Azure datacenter for australiacentral2
IPListMicrosoft Azure datacenter for brazilse
IPListMicrosoft Azure datacenter for germanyn
IPListMicrosoft Azure datacenter for germanywc
IPListMicrosoft Azure datacenter for norwaye
IPListMicrosoft Azure datacenter for norwayw
IPListMicrosoft Azure datacenter for southafricanorth
IPListMicrosoft Azure datacenter for southafricawest
IPListMicrosoft Azure datacenter for switzerlandn
IPListMicrosoft Azure datacenter for switzerlandw
IPListMicrosoft Azure datacenter for uaecentral
IPListMicrosoft Azure datacenter for uaenorth
IPListGitHub Actions IP Address List
IPListGitHub Services IP Address List
IPListMicrosoft Azure service for AppConfiguration
IPListMicrosoft Azure service for AzureActiveDirectory_ServiceEndpoint
IPListMicrosoft Azure service for AzureAdvancedThreatProtection
IPListMicrosoft Azure service for AzureCloud
IPListMicrosoft Azure service for AzureCognitiveSearch
IPListMicrosoft Azure service for AzureEventGrid
IPListMicrosoft Azure service for AzureFrontDoor_Backend
IPListAmazon AMAZON ap-east-2
IPListMicrosoft Azure service for AzureFrontDoor_Frontend
IPListMicrosoft Azure service for AzureMonitor
IPListMicrosoft Azure service for AzureOpenDatasets
IPListMicrosoft Azure service for AzurePortal
IPListMicrosoft Azure service for AzureResourceManager
IPListMicrosoft Azure service for AzureSiteRecovery
IPListMicrosoft Azure service for BatchNodeManagement
IPListMicrosoft Azure service for CognitiveServicesManagement
IPListMicrosoft Azure service for GatewayManager
IPListMicrosoft Azure service for PowerQueryOnline
IPListMicrosoft Azure service for SqlManagement
IPListMicrosoft Azure service for Storage
IPListMicrosoft Azure service for StorageSyncService
IPListMicrosoft Azure datacenter for usstagee
IPListMicrosoft Azure datacenter for swedencentral
IPListMicrosoft Azure datacenter for swedensouth
IPListMicrosoft Azure datacenter for westus3
IPListMicrosoft Azure datacenter for usstagec
IPListMicrosoft Azure datacenter for qatarcentral
IPListMicrosoft Azure datacenter for austriaeast
IPListMicrosoft Azure datacenter for chilec
IPListMicrosoft Azure datacenter for israelcentral
IPListMicrosoft Azure datacenter for italynorth
IPListMicrosoft Azure datacenter for malaysiawest
IPListMicrosoft Azure datacenter for mexicocentral
IPListMicrosoft Azure datacenter for newzealandnorth
IPListMicrosoft Azure datacenter for polandcentral
IPListMicrosoft Azure datacenter for spaincentral
IPListMicrosoft Azure datacenter for taiwannorth
IPListMicrosoft Azure datacenter for taiwannorthwest
IPListGoogle Cloud IP Address List for asia-northeast1
IPListGoogle Cloud IP Address List for asia-northeast3
IPListGoogle Cloud IP Address List for asia-south2
IPListGoogle Cloud IP Address List for asia-southeast1
IPListGoogle Cloud IP Address List for europe-west3
IPListGoogle Cloud IP Address List for europe-west4
IPListGoogle Cloud IP Address List for global
IPListGoogle Cloud IP Address List for me-west1
IPListGoogle Cloud IP Address List for northamerica-northeast1
IPListGoogle Cloud IP Address List for northamerica-northeast2
IPListGoogle Cloud IP Address List for us-east1
IPListGoogle Cloud IP Address List for us-east4
IPListGoogle Cloud IP Address List for us-west1
IPListGoogle Cloud IP Address List for us-west2
IPListGoogle Cloud IP Address List for us-west4
IPListMicrosoft Azure datacenter for southcentralus2
SituationMSRPC-TCP_OPC-Auxiliary
Fingerprint regexp changed
SituationMSRPC-TCP_CPS-Shared-Variable-Fingerprints
Fingerprint regexp changed
SituationHTTP_PSU-Shared-Variables
Fingerprint regexp changed
ApplicationAkamai-Infrastructure
ApplicationTOR
ApplicationManoto
ApplicationNordVPN
ApplicationAzure Front Door Frontend

HOW TO IMPORT AND ACTIVATE THE DYNAMIC UPDATE PACKAGE

  1. Download the dynamic update package, then make sure that the checksums for the original files and the files that you have downloaded match.
  2. In the Management Client, select Menu > File > Import > Import Update Packages.
  3. Browse to the file, select it, then click Import.
  4. Select  Configuration, then browse to Administration > Other Elements > Updates.
  5. Right-click the imported dynamic update package, then select Activate.
  6. When the activation is finished, refresh the policy on all NGFW Engines. If your policy uses a custom template, you might need to edit the policy.

DISCLAIMER AND COPYRIGHT

Copyright © 2025 Forcepoint
Forcepoint and the FORCEPOINT logo are trademarks of Forcepoint.

All other trademarks used in this document are the property of their respective owners.

Every effort has been made to ensure the accuracy of this document. However, Forcepoint makes no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. Forcepoint shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein. The information in this documentation is subject to change without notice.