• 發布單位:TWCERT/CC
• 更新日期:2025-06-11
• 點閱次數:444

• 內容說明：

CISA於5/12至5/18在Known Exploited Vulnerabilities Catalog(KEV)中發布10個已遭駭客利用之漏洞。

• 影響平台：

SAP｜NetWeaver

DrayTek｜Vigor Routers

Google｜Chromium

Fortinet｜Multiple Products

Microsoft｜Windows

TeleMessage｜TM SGNL

• 處置建議：

修補說明請參考以下官方連結：

SAP｜NetWeaver

https://me.sap.com/notes/3604119

DrayTek｜Vigor Routers

https://fw.draytek.com.tw/Vigor2960/Firmware/v1.5.1.5/DrayTek_Vigor2960_V1.5.1.5_01release-note.pdf

https://fw.draytek.com.tw/Vigor300B/Firmware/v1.5.1.5/DrayTek_Vigor300B_V1.5.1.5_01release-note.pdf

https://fw.draytek.com.tw/Vigor3900/Firmware/v1.5.1.5/DrayTek_Vigor3900_V1.5.1.5_01release-note.pdf

Google｜Chromium

https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html

Fortinet｜Multiple Products

https://fortiguard.fortinet.com/psirt/FG-IR-25-254

Microsoft｜Windows

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30397

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30400

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32701

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32706

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32709

TeleMessage｜TM SGNL

https://nvd.nist.gov/vuln/detail/CVE-2025-47729

• CVE編號：

CVE-2024-12987

CVE-2025-4664

CVE-2025-30397

CVE-2025-30400

CVE-2025-32701

CVE-2025-32706

CVE-2025-32709

CVE-2025-32756

CVE-2025-42999

CVE-2025-47729