按 Enter 到主內容區
:::

TWCERT/CC台灣電腦網路危機處理暨協調中心|企業資安通報協處|資安情資分享|漏洞通報|資安聯盟|資安電子報

:::

3/31至4/6 Known Exploited Vulnerabilities Catalog(KEV)週報

發布日期:
字型大小:
  • 發布單位:TWCERT/CC
  • 更新日期:2025-04-09
  • 點閱次數:416
  • 內容說明:

CISA於3/31至4/6在Known Exploited Vulnerabilities Catalog(KEV)中發布3個已遭駭客利用之漏洞。

  • 影響平台:

Ivanti|Connect Secure、Policy Secure及ZTA Gateways

Apache|Tomcat

Cisco|Smart Licensing Utility

  • 處置建議:

修補說明請參考以下官方連結:

Ivanti|Connect Secure, Policy Secure and ZTA Gateways

https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-22457 

https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457

Apache|Tomcat

https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq

Cisco|Smart Licensing Utility

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw 

  • CVE編號:

CVE-2024-20439

CVE-2025-22457

CVE-2025-24813

相關連結

  1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
  2. https://nvd.nist.gov/vuln/detail/CVE-2024-20439
  3. https://nvd.nist.gov/vuln/detail/CVE-2025-22457
  4. https://nvd.nist.gov/vuln/detail/CVE-2025-24813
回頁首