Xona Authorized as CVE Numbering Authority by the CVE Program

Hanover, MD – October 7th, 2025 – Xona, the pioneer in secure access for critical infrastructure, today announced it has been authorized as a CVE Numbering Authority (CNA) by the Common Vulnerabilities and Exposures (CVE®) Program, sponsored by the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE.

As a CNA, Xona is now authorized to assign CVE Identifiers (CVE IDs) for vulnerabilities discovered across all of its products and services. This designation reinforces Xona’s commitment to transparency, secure-by-design development practices, and responsible vulnerability disclosure, empowering customers and partners with faster remediation guidance and greater confidence in their risk management strategies.

“Being recognized as a CVE Numbering Authority underscores our mission to protect the world’s most critical systems,” said Raed Albuliwi, Chief Product Officer at Xona. “This milestone accelerates how we identify, document, and remediate vulnerabilities. By working directly within the CVE Program, Xona is giving customers and partners the confidence of clear, standardized disclosures and faster patching cycles, backed by independent third-party audits and secure-by-design practices.”

Benefits for Customers and the Security Community

With CNA status, Xona will:

• Assign CVE IDs to vulnerabilities discovered in Xona products and services.
• Publish CVE Records in a standardized, publicly accessible format.
• Provide customers with clear disclosure timelines and remediation guidance.
• Collaborate with CISA, MITRE, and the global security community to improve vulnerability coordination and resilience.

The CVE Program is a globally recognized, community-driven initiative that maintains a public catalog of known cybersecurity vulnerabilities. Each CVE ID provides a consistent reference point that enables vendors, researchers, and security professionals to communicate and coordinate more effectively.

Resources for Security Transparency

• Xona Product Security & Disclosure Policy: https://www.xonasystems.com/product-security
• Xona Security Advisories: https://www.xonasystems.com/advisories
• About the CVE Program: https://www.cve.org

About Xona

Xona’s mission is to empower the heroes protecting the critical infrastructure (CI) our communities rely on every day. Xona delivers the first secure access for critical infrastructure platform, purpose-built to secure, control, and govern access to the world’s most critical systems. Trusted by CI organizations in more than 40 countries, the Xona Platform replaces vulnerable legacy access tools like VPNs and jump servers. It delivers complete user access control, protects critical systems from insecure user endpoints, and ensures compliance with global security mandates, simplifying governance and strengthening operational security. Learn more at www.xonasystems.com.

Media Contacts:

Danielle Ostrovsky
Hi-TouchPR
410-302-9459
Ostrovsky@hi-touchpr.com