12/1至12/7 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2025-12-10
- 點閱次數:43
- 內容說明
CISA於12/1至12/7在Known Exploited Vulnerabilities Catalog(KEV)中發布4個已遭駭客利用之漏洞。
- 影響平台
Android|Framework
Meta|React Server
ComponentsOpenPLC|ScadaBR
- 處置建議
修補說明請參考以下官方連結:
Android|Framework
https://source.android.com/docs/security/bulletin/2025-12-01
Meta|React Server Components
https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components
OpenPLC|ScadaBR
https://github.com/SCADA-LTS/Scada-LTS/pull/2174
- CVE編號
CVE-2021-26828
CVE-2025-48572
CVE-2025-48633
CVE-2025-55182