按 Enter 到主內容區
:::

TWCERT/CC台灣電腦網路危機處理暨協調中心|企業資安通報協處|資安情資分享|漏洞通報|資安聯盟|資安電子報

:::

7/21至7/27 Known Exploited Vulnerabilities Catalog(KEV)週報

發布日期:
字型大小:
  • 發布單位:TWCERT/CC
  • 更新日期:2025-08-01
  • 點閱次數:438
  • 內容說明:

CISA於7/21至7/27在Known Exploited Vulnerabilities Catalog(KEV)中發布6個已遭駭客利用之漏洞。

  • 影響平台:

SysAid|SysAid On-Prem

Google|Chromium

CrushFTP|CrushFTP

Microsoft|SharePoint

  • 處置建議:

修補說明請參考以下官方連結:

SysAid|SysAid On-Prem

https://documentation.sysaid.com/docs/24-40-60

Google|Chromium

https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html

CrushFTP|CrushFTP

https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CompromiseJuly2025

Microsoft|SharePoint

https://www.cisa.gov/news-events/s/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770

https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49704

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49706

  • CVE編號:

CVE-2025-2775

CVE-2025-2776

CVE-2025-6558

CVE-2025-49704

CVE-2025-49706

CVE-2025-54309

相關連結

  1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
  2. https://nvd.nist.gov/vuln/detail/CVE-2025-2775
  3. https://nvd.nist.gov/vuln/detail/CVE-2025-2776
  4. https://nvd.nist.gov/vuln/detail/CVE-2025-6558
  5. https://nvd.nist.gov/vuln/detail/CVE-2025-49704
  6. https://nvd.nist.gov/vuln/detail/CVE-2025-49706
  7. https://nvd.nist.gov/vuln/detail/CVE-2025-54309
回頁首