12/8至12/14 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2025-12-29
- 點閱次數:125
- 內容說明
CISA於12/8至12/14在Known Exploited Vulnerabilities Catalog(KEV)中發布7個已遭駭客利用之漏洞。
- 影響平台
Array Networks|ArrayOS AG
D-Link|Routers
Google|Chromium
Microsoft|Windows
OSGeo|GeoServer
RARLAB|WinRAR
Sierra Wireless|AirLink ALEOS
- 處置建議
修補說明請參考以下官方連結:
Array Networks|ArrayOS AG
https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/ag.html
https://www.jpcert.or.jp/at/2025/at250024.html
D-Link|Routers
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10308
Google|Chromium
https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security
Microsoft|Windows
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62221
OSGeo|GeoServer
https://github.com/geoserver/geoserver/security/advisories/GHSA-fjf5-xgmq-5525
https://osgeo-org.atlassian.net/browse/GEOS-11922
RARLAB|WinRAR
Sierra Wireless|AirLink ALEOS
https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03
https://source.sierrawireless.com/resources/airlink/hardware_reference_docs/airlink_es450_eol
- CVE編號
CVE-2018-4063
CVE-2022-37055
CVE-2025-6218
CVE-2025-14174
CVE-2025-58360
CVE-2025-62221
CVE-2025-66644
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2018-4063
- https://nvd.nist.gov/vuln/detail/CVE-2022-37055
- https://nvd.nist.gov/vuln/detail/CVE-2025-6218
- https://nvd.nist.gov/vuln/detail/CVE-2025-14174
- https://nvd.nist.gov/vuln/detail/CVE-2025-58360
- https://nvd.nist.gov/vuln/detail/CVE-2025-62221
- https://nvd.nist.gov/vuln/detail/CVE-2025-66644