Field Notice: FN74333 - Cisco Secure Workload Will Lose CVE Scanning and Malicious IP Threat Intelligence Functionalities If Not Upgraded to Release 3.10.5.6 or Later - Software Upgrade Recommended

Available Languages

Updated:October 15, 2025
Document ID:FN74333

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Critical
Impact Rating:
Critical
First Published:
2025-Oct-15
Last Published:
2025-Oct-15
Revision:
1.0
Cisco Bug IDs:

Notice

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.

Products Affected


Affected Software Product Affected Release Affected Release Number Comments
Tetration OS 1 1 All 1.x.x releases are affected
Tetration OS 2 2 All 2.x.x releases are affected
Tetration OS 3 3 All 3.x.x releases earlier than Release 3.10.5.6 are affected

Defect Information


Defect IDHeadline
CSCwr49334Threat Intelligence Data Will Stop Updating On Secure Workload Versions Below 3.10.5.5 On 15 NOV 2025

Problem Description


Due to changes in binary signing key, on-premises Cisco Secure Workload releases earlier than Release 3.10.5.6 will lose the functionality of Common Vulnerabilities and Exposures (CVE) scanning and malicious IP Threat Intelligence features on November 15, 2025.


Background


Starting November 15, 2025, Cisco will change the binary signing key for all Cisco Secure Workload-related binary files that are published to Cisco.com.

Cisco Secure Workload publishes CVE and malicious IP update files to Cisco.com for the Threat Intelligence feature. Due to the binary signing key change, these update files will change formats to tarball files containing signed files.


Problem Symptom


After the Cisco Secure Workload binary signing key change, the CVE scanning and malicious IP Threat Intelligence features for on-premises Cisco Secure Workload will stop receiving updated CVE and malicious IP feeds. The data will grow stale and newly found CVEs and malicious IPs will not be detected. 


Workaround/Solution


To resolve this issue, upgrade Cisco Secure Workload to Release 3.10.5.6 or later. 


Revision History


VersionDescriptionSectionDate
1.0Initial Release2025-OCT-15

For More Information

For further assistance or for more information about this field notice, contact the Cisco Technical Assistance Center (TAC) using one of the following methods:

Receive Email Notification About New Field Notices

To receive email updates about Field Notices (reliability and safety issues), Security Advisories (network security issues), and end-of-life announcements for specific Cisco products, set up a profile in My Notifications.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products