4/7至4/13 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2025-04-18
- 點閱次數:363
- 內容說明:
CISA於4/7至4/13在Known Exploited Vulnerabilities Catalog(KEV)中發布5個已遭駭客利用之漏洞。
- 影響平台:
Linux|Kernel
Microsoft|Windows
Gladinet|CentreStack
CrushFTP|CrushFTP
- 處置建議:
修補說明請參考以下官方連結:
Linux|Kernel
https://lore.kernel.org/linux-cve-announce/2024122427-CVE-2024-53150-3a7d@gregkh/
https://lore.kernel.org/linux-cve-announce/2024122725-CVE-2024-53197-6aef@gregkh/
https://source.android.com/docs/security/bulletin/2025-04-01
Microsoft|Windows
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-29824
Gladinet|CentreStack
https://gladinetsupport.s3.us-east-1.amazonaws.com/gladinet/securityadvisory-cve-2005.pdf
https://www.centrestack.com/p/gce_latest_release.html
CrushFTP|CrushFTP
https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
- CVE編號:
CVE-2024-53150
CVE-2024-53197
CVE-2025-29824
CVE-2025-30406
CVE-2025-31161
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2024-53150
- https://nvd.nist.gov/vuln/detail/CVE-2024-53197
- https://nvd.nist.gov/vuln/detail/CVE-2025-29824
- https://nvd.nist.gov/vuln/detail/CVE-2025-30406
- https://nvd.nist.gov/vuln/detail/CVE-2025-31161