5/19至5/25 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2025-06-11
- 點閱次數:475
- 內容說明:
CISA於5/19至5/25在Known Exploited Vulnerabilities Catalog(KEV)中發布7個已遭駭客利用之漏洞。
- 影響平台:
Samsung|MagicINFO 9 Server
ZKTeco|BioTime
Synacor|Zimbra Collaboration Suite (ZCS)
Srimax|Output Messenger
MDaemon|Email Server
Ivanti|Endpoint Manager Mobile (EPMM)
- 處置建議:
修補說明請參考以下官方連結:
Samsung|MagicINFO 9 Server
https://security.samsungtv.com/securityUpdates#SVP-MAY-2025
ZKTeco|BioTime
https://www.zkteco.com/en/Security_Bulletinsib
Synacor|Zimbra Collaboration Suite (ZCS)
https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes
Srimax|Output Messenger
https://www.outputmessenger.com/cve-2025-27920/
MDaemon|Email Server
https://files.mdaemon.com/mdaemon/beta/RelNotes_en.html
https://mdaemon.com/pages/downloads-critical-updates
Ivanti|Endpoint Manager Mobile (EPMM)
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM
- CVE編號:
CVE-2023-38950
CVE-2024-11182
CVE-2024-27443
CVE-2025-4427
CVE-2025-4428
CVE-2025-4632
CVE-2025-27920
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2023-38950
- https://nvd.nist.gov/vuln/detail/CVE-2024-11182
- https://nvd.nist.gov/vuln/detail/CVE-2024-27443
- https://nvd.nist.gov/vuln/detail/CVE-2025-4427
- https://nvd.nist.gov/vuln/detail/CVE-2025-4428
- https://nvd.nist.gov/vuln/detail/CVE-2025-4632
- https://nvd.nist.gov/vuln/detail/CVE-2025-27920