按 Enter 到主內容區
:::

TWCERT/CC台灣電腦網路危機處理暨協調中心|企業資安通報協處|資安情資分享|漏洞通報|資安聯盟|資安電子報

:::

2/10至2/16 Known Exploited Vulnerabilities Catalog(KEV)週報

發布日期:
字型大小:
  • 發布單位:TWCERT/CC
  • 更新日期:2025-02-19
  • 點閱次數:419
  • 內容說明:

CISA於2/10至2/16在Known Exploited Vulnerabilities Catalog(KEV)中發布7個已遭駭客利用之漏洞。

 

  • 影響平台:

SimpleHelp|SimpleHelp

Apple|iOS and iPadOS

Mitel|SIP Phones

Zyxel|DSL CPE Devices

Microsoft    |Windows

 

  • 處置建議:

SimpleHelp|SimpleHelp

https://simple-help.com/kb---security-vulnerabilities-01-2025

Apple|iOS and iPadOS

https://support.apple.com/en-us/122173

Mitel|SIP Phones

https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0019-001-v2.pdf

Zyxel|DSL CPE Devices

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-and-insecure-default-credentials-vulnerabilities-in-certain-legacy-dsl-cpe-02-04-2025

https://www.zyxel.com/service-provider/global/en/security-advisories/zyxel-security-advisory-command-injection-insecure-in-certain-legacy-dsl-cpe-02-04-2025

Microsoft|Windows

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21418

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21391


  • CVE編號:

CVE-2024-40890

CVE-2024-40891

CVE-2024-41710

CVE-2024-57727

CVE-2025-21391

CVE-2025-21418

CVE-2025-24200

相關連結

  1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
  2. https://nvd.nist.gov/vuln/detail/CVE-2024-40890
  3. https://nvd.nist.gov/vuln/detail/CVE-2024-40891
  4. https://nvd.nist.gov/vuln/detail/CVE-2024-41710
  5. https://nvd.nist.gov/vuln/detail/CVE-2024-57727
  6. https://nvd.nist.gov/vuln/detail/CVE-2025-21391
  7. https://nvd.nist.gov/vuln/detail/CVE-2025-21418
  8. https://nvd.nist.gov/vuln/detail/CVE-2025-24200
回頁首