1/26至2/1 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2026-02-11
- 點閱次數:51
- 內容說明
CISA於1/26至2/1在Known Exploited Vulnerabilities Catalog(KEV)中發布7個已遭駭客利用之漏洞。
- 影響平台
Fortinet|Multiple Products
GNU|InetUtils
Ivanti|Endpoint Manager Mobile (EPMM)
Linux|Kernal
Microsoft|Office
SmarterTools|SmarterMail
- 處置建議
修補說明請參考以下官方連結:
Fortinet|Multiple Products
https://fortiguard.fortinet.com/psirt/FG-IR-26-060
https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios
GNU|InetUtils
https://cgit.git.savannah.gnu.org/cgit/inetutils.git
https://codeberg.org/inetutils/inetutils/commit/ccba9f748aa8d50a38d7748e2e60362edd6a32cc
https://codeberg.org/inetutils/inetutils/commit/fd702c02497b2f398e739e3119bed0b23dd7aa7b
Ivanti|Endpoint Manager Mobile (EPMM)
https://support.mobileiron.com/mi/vsp/AB1771634/ivanti-security-update-1761642-1.0.0S-5.noarch.rpm
https://support.mobileiron.com/mi/vsp/AB1771634/ivanti-security-update-1761642-1.0.0L-5.noarch.rpm
Linux|Kernal
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/
https://www.cve.org/CVERecord?id=CVE-2018-14634
https://access.redhat.com/errata/RHSA-2018:3540
Microsoft|Office
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509
SmarterTools|SmarterMail
https://www.smartertools.com/smartermail/release-notes/current
https://www.csa.gov.sg/s-and-advisories/s/al-2025-124/
- CVE編號
CVE-2018-14634
CVE-2025-52691
CVE-2026-1281
CVE-2026-21509
CVE-2026-23760
CVE-2026-24061
CVE-2026-24858
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2018-14634
- https://nvd.nist.gov/vuln/detail/CVE-2025-52691
- https://nvd.nist.gov/vuln/detail/CVE-2026-1281
- https://nvd.nist.gov/vuln/detail/CVE-2026-21509
- https://nvd.nist.gov/vuln/detail/CVE-2026-23760
- https://nvd.nist.gov/vuln/detail/CVE-2026-24061
- https://nvd.nist.gov/vuln/detail/CVE-2026-24858