6/10至6/16 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2024-06-26
- 點閱次數:564
- 內容說明:
CISA於6/10至6/16在Known Exploited Vulnerabilities Catalog(KEV)中發布5個已遭駭客利用之漏洞。
- 影響平台:
受影響廠商與產品名稱如下:
Android|PIXEL
Microsoft|Windows Error Reporting Service
Progress|Telerik Report Server
ARM|Mali GPU Kernel Driver
PHP Group|Windows-based PHP
- 處置建議:
修補說明請參考以下官方連結:
Android|Pixel
https://source.android.com/docs/security/bulletin/pixel/2024-06-01
Microsoft|Windows Error Reporting Service
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169
Progress|Telerik Report Server
https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358
ARM|Mali GPU Kernel Driver
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
PHP Group|Windows-based PHP
此漏洞影響產品為開源套件或第三方函式庫,實際修補方式請參考各家廠商的說明,需要更多資訊可參考以下網址:
https://www.php.net/ChangeLog-8.php#
- CVE編號:
CVE-2024-4358
CVE-2024-4577
CVE-2024-4610
CVE-2024-26169
CVE-2024-32896
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2024-4358
- https://nvd.nist.gov/vuln/detail/CVE-2024-4577
- https://nvd.nist.gov/vuln/detail/CVE-2024-4610
- https://nvd.nist.gov/vuln/detail/CVE-2024-26169
- https://nvd.nist.gov/vuln/detail/CVE-2024-32896
- https://source.android.com/docs/security/bulletin/pixel/2024-06-01
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169
- https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
- https://www.php.net/ChangeLog-8.php