10/7至10/13 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2024-10-28
- 點閱次數:564
- 內容說明:
CISA於10/7至10/13在Known Exploited Vulnerabilities Catalog(KEV)中發布6個已遭駭客利用之漏洞。
- 影響平台:
Ivanti|Cloud Services Appliance (CSA)
Fortinet|FortiOS、FortiPAM,、FortiProxy及FortiWeb
Microsoft |Windows MSHTML Platform
Microsoft|Windows Management Console
Qualcomm|Multiple Chipsets
- 處置建議:
修補說明請參考以下官方連結:
Ivanti|Cloud Services Appliance (CSA)
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381
Fortinet|FortiOS、FortiPAM,、FortiProxy及FortiWeb
https://www.fortiguard.com/psirt/FG-IR-24-029
Microsoft |Windows MSHTML Platform
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43573
Microsoft|Windows Management Console
https://msrc.microsoft.com/update-guide/advisory/CVE-2024-43572
Qualcomm|Multiple Chipsets
https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2
- CVE編號:
CVE-2024-9379
CVE-2024-9380
CVE-2024-23113
CVE-2024-43047
CVE-2024-43572
CVE-2024-43573
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9
- https://www.fortiguard.com/psirt/FG-IR-24-029
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43573
- https://msrc.microsoft.com/update-guide/advisory/CVE-2024-43572
- https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d
- https://nvd.nist.gov/vuln/detail/CVE-2024-9379
- https://nvd.nist.gov/vuln/detail/CVE-2024-9380
- https://nvd.nist.gov/vuln/detail/CVE-2024-23113
- https://nvd.nist.gov/vuln/detail/CVE-2024-43047
- https://nvd.nist.gov/vuln/detail/CVE-2024-43572
- https://nvd.nist.gov/vuln/detail/CVE-2024-43573