12/15至12/21 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2025-12-29
- 點閱次數:168
- 內容說明
CISA於12/15至12/21在Known Exploited Vulnerabilities Catalog(KEV)中發布7個已遭駭客利用之漏洞。
- 影響平台
Apple|Multiple Products
ASUS|Live Update
Cisco|Multiple Products
Fortinet|Multiple Products
Gladinet|CentreStack and Triofox
SonicWall|SMA1000 appliance
WatchGuard|Firebox
- 處置建議
修補說明請參考以下官方連結:
Apple|Multiple Products
https://support.apple.com/en-us/125884
https://support.apple.com/en-us/125885
https://support.apple.com/en-us/12588
https://support.apple.com/en-us/125889
https://support.apple.com/en-us/125892
ASUS|Live Update
https://www.asus.com/support/faq/1018727/
Cisco|Multiple Products
Fortinet|Multiple Products
https://fortiguard.fortinet.com/psirt/FG-IR-25-647
https://docs.fortinet.com/upgrade-tool/fortigate
Gladinet|CentreStack and Triofox
https://www.centrestack.com/p/gce_latest_release.html
https://access.triofox.com/releases_history/
WatchGuard|Firebox
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027
SonicWall|SMA1000 appliance
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019
- CVE編號
CVE-2025-14611
CVE-2025-14733
CVE-2025-20393
CVE-2025-40602
CVE-2025-43529
CVE-2025-59374
CVE-2025-59718
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2025-14611
- https://nvd.nist.gov/vuln/detail/CVE-2025-14733
- ttps://nvd.nist.gov/vuln/detail/CVE-2025-20393
- https://nvd.nist.gov/vuln/detail/CVE-2025-40602
- https://nvd.nist.gov/vuln/detail/CVE-2025-43529
- https://nvd.nist.gov/vuln/detail/CVE-2025-59374
- https://nvd.nist.gov/vuln/detail/CVE-2025-59718