10/20至10/26 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2025-10-31
- 點閱次數:190
- 內容說明:
CISA於10/20至10/26在Known Exploited Vulnerabilities Catalog(KEV)中發布8個已遭駭客利用之漏洞。
- 影響平台:
Adobe|Commerce and Magento
Apple|Multiple Products
Kentico|Xperience CMS
Microsoft|Windows
Motex|LANSCOPE Endpoint Manager
Oracle|E-Business Suite
- 處置建議:
修補說明請參考以下官方連結:
Adobe|Commerce and Magento
https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397
Apple|Multiple Products
https://support.apple.com/en-us/HT213340
https://support.apple.com/en-us/HT213341
https://support.apple.com/en-us/HT213342
https://support.apple.com/en-us/HT213345
https://support.apple.com/en-us/HT213346
Kentico|Xperience CMS
https://devnet.kentico.com/download/hotfixes
Microsoft|Windows
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-33073
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-59287
Motex|LANSCOPE Endpoint Manager
https://www.motex.co.jp/news/notice/2025/release251020/
Oracle|E-Business Suite
https://www.oracle.com/security-s/-cve-2025-61884.html
- CVE編號:
CVE-2022-48503
CVE-2025-2746
CVE-2025-2747
CVE-2025-33073
CVE-2025-54236
CVE-2025-59287
CVE-2025-61884
CVE-2025-61932
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2022-48503
- https://nvd.nist.gov/vuln/detail/CVE-2025-2746
- https://nvd.nist.gov/vuln/detail/CVE-2025-2747
- https://nvd.nist.gov/vuln/detail/CVE-2025-33073
- https://nvd.nist.gov/vuln/detail/CVE-2025-54236
- https://nvd.nist.gov/vuln/detail/CVE-2025-59287
- https://nvd.nist.gov/vuln/detail/CVE-2025-61884
- https://nvd.nist.gov/vuln/detail/CVE-2025-61932