4/22至4/28 Kown Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2024-05-03
- 點閱次數:61
- 內容說明:
CISA於4/22至4/28在Kown Exploited Vulnerabilities Catalog(KEV)中發布4個已遭駭客利用之漏洞。
- 影響平台:
Cisco|Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CrushFTP|CrushFTP virtual file system (VFS)
Microsoft|Windows Print Spooler
- 處置建議:
修補說明請參考以下官方連結:
Cisco|Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD):
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h
CrushFTP|CrushFTP virtual file system (VFS):
https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update&version=34
Microsoft|Windows Print Spooler:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38028
- CVE編號:
CVE-2022-38028
CVE-2024-4040
CVE-2024-20353
CVE-2024-20359
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrv
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persis
- https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update&version=34
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38028
- https://nvd.nist.gov/vuln/detail/CVE-2022-38028
- https://nvd.nist.gov/vuln/detail/CVE-2024-4040
- https://nvd.nist.gov/vuln/detail/CVE-2024-20353
- https://nvd.nist.gov/vuln/detail/CVE-2024-20359