• 發布單位:TWCERT/CC
• 更新日期:2025-02-11
• 點閱次數:683

• 內容說明：

CISA於2/3至2/9在Known Exploited Vulnerabilities Catalog(KEV)中發布11個已遭駭客利用之漏洞。

• 影響平台：

Trimble｜Cityworks

Sophos｜XG Firewall

Sophos｜CyberoamOS

Microsoft    Office｜Outlook

Audinate｜Dante Discovery

7-Zip｜7-Zip

Linux｜Kernel

Paessler｜PTRG Network Monitor

Microsoft｜NET Framework

Apache｜OFBiz

• 處置建議：

Trimble｜Cityworks

https://learn.assetlifecycle.trimble.com/i/1532182-cityworks-customer-communication-2025-02-05-docx/0

Sophos｜XG Firewall

https://community.sophos.com/b/security-blog/posts/advisory-buffer-overflow-vulnerability-in-user-portal

Sophos｜CyberoamOS

https://support.sophos.com/support/s/article/KBA-000007526

Microsoft    Office｜Outlook

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413

Audinate｜Dante Discovery

https://www.getdante.com/support/faq/audinate-response-to-dante-discovery-mdnsresponder-exe-security-issue-cve-2022-23748/

7-Zip｜7-Zip

https://www.7-zip.org/history.txt

Linux｜Kernel

https://lore.kernel.org/linux-cve-announce/2024120232-CVE-2024-53104-d781@gregkh/

Paessler｜PTRG Network Monitor

https://www.paessler.com/prtg/history/prtg-18#18.2.41.1652

https://www.paessler.com/prtg/history/prtg-18#18.2.39

Microsoft｜NET Framework

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059

Apache｜OFBiz

https://ofbiz.apache.org/security.html

• CVE編號：

CVE-2018-19410

CVE-2018-9276

CVE-2020-15069

CVE-2020-29574

CVE-2022-23748

CVE-2024-21413

CVE-2024-29059

CVE-2024-45195

CVE-2024-53104

CVE-2025-0411

CVE-2025-0994