TWCERT/CC台灣電腦網路危機處理暨協調中心|企業資安通報協處|資安情資分享|漏洞通報|資安聯盟|資安電子報-9/9至9/15 Known Exploited Vulnerabilities Catalog(KEV)週報

9/9至9/15 Known Exploited Vulnerabilities Catalog(KEV)週報

發布日期：2024-09-26

字型大小：

發布單位:TWCERT/CC
更新日期:2024-09-26
點閱次數:579

內容說明：

CISA於9/9至9/15在Known Exploited Vulnerabilities Catalog(KEV)中發布8個已遭駭客利用之漏洞。

影響平台：

受影響廠商與產品名稱如下：
Ivanti｜Cloud Services Appliance
ImageMagick｜ImageMagick
Linux｜Kernel
Microsoft｜Windows Installer
Microsoft｜Windows Mark of the Web
Microsoft｜Windows Update
Microsoft｜Publisher
SonicWall｜SonicOS

處置建議：

Ivanti｜Cloud Services Appliance
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190

ImageMagick｜ImageMagick
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588#p132726
https://imagemagick.org/archive/releases/

Linux｜Kernel
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86

Microsoft｜Windows Installer
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014

Microsoft｜Windows Mark of the Web
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217

Microsoft｜Windows Update
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43491

Microsoft｜Publisher
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3822

SonicWall｜SonicOS
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015

CVE編號：

CVE-2016-3714
CVE-2017-1000253
CVE-2024-8190
CVE-2024-38014
CVE-2024-38217
CVE-2024-38226
CVE-2024-40766
CVE-2024-43491

9/9至9/15 Known Exploited Vulnerabilities Catalog(KEV)週報

相關連結