轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202605-00000003

[內容說明]
【CVE-2024-1708】ConnectWise ScreenConnect Path Traversal Vulnerability (CVSS v3.1: 8.4)
【是否遭勒索軟體利用:未知】 ConnectWise ScreenConnect 存在路徑遍歷漏洞，可能允許攻擊者執行遠端程式碼，或直接影響機密資料與關鍵系統。

【CVE-2026-32202】Microsoft Windows Protection Mechanism Failure Vulnerability (CVSS v3.1: 4.3)
【是否遭勒索軟體利用:未知】 Microsoft Windows Shell 存在保護機制失效漏洞，允許未經授權的攻擊者透過網路進行偽裝攻擊。

【CVE-2026-41940】WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability (CVSS v3.1: 9.8)
【是否遭勒索軟體利用:未知】 WebPros 的 cPanel 與 WHM（WebHost Manager）以及 WP2（WordPress Squared）在登入流程中存在身分驗證繞過漏洞，允許未經驗證的遠端攻擊者存取控制面板。

【CVE-2026-31431】Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability (CVSS v3.1: 7.8)
【是否遭勒索軟體利用:未知】 Linux Kernel 存在Incorrect Resource Transfer Between Spheres漏洞，可能導致權限提升。

[影響平台]
【CVE-2024-1708】請參考官方所列的影響版本 https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8

【CVE-2026-32202】請參考官方所列的影響版本 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202

【CVE-2026-41940】請參考官方所列的影響版本 https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026

【CVE-2026-31431】請參考官方所列的影響版本 https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/

[建議措施]
【CVE-2024-1708】 官方已針對漏洞釋出修復更新，請更新至相關版本 https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8

【CVE-2026-32202】 官方已針對漏洞釋出修復更新，請更新至相關版本 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202

【CVE-2026-41940】 官方已針對漏洞釋出修復更新，請更新至相關版本 https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026

【CVE-2026-31431】 官方已針對漏洞釋出修復更新，請更新至相關版本 https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202605-00000003

[Content Description]
【CVE-2024-1708】ConnectWise ScreenConnect Path Traversal Vulnerability (CVSS v3.1: 8.4)
【Exploited by Ransomware: Unknown】 ConnectWise ScreenConnect has a path traversal vulnerability that could allow attackers to execute remote code or directly affect confidential data and critical systems.

【CVE-2026-32202】Microsoft Windows Protection Mechanism Failure Vulnerability (CVSS v3.1: 4.3)
【Exploited by Ransomware: Unknown】 Microsoft Windows Shell has a protection mechanism failure vulnerability that could allow unauthorized attackers to launch spoofed attacks over the network.

【CVE-2026-41940】WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Unknown】 WebPros cPanel, WHM (WebHost Manager), and WP2 (WordPress Squared) contain an authentication bypass vulnerability in their login process, allowing unauthenticated remote attackers to access the control panel.

【CVE-2026-31431】Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability (CVSS v3.1: 7.8)
【Exploited by Ransomware: Unknown】 The Linux Kernel contains an Incorrect Resource Transfer Between Spheres vulnerability, which could lead to privilege escalation.

[Affected Platforms]
【CVE-2024-1708】Please refer to the official list of affected versions: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8

【CVE-2026-32202】Please refer to the official list of affected versions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202

【CVE-2026-41940】Please refer to the official list of affected versions: https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026

【CVE-2026-31431】Please refer to the official list of affected versions. https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/

[Recommended Actions]
【CVE-2024-1708】 An official patch update has been released for this vulnerability. Please update to the relevant version: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8

【CVE-2026-32202】 An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202

【CVE-2026-41940】 An official patch update has been released for this vulnerability. Please update to the relevant version. https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026

【CVE-2026-31431】 An official patch update has been released for this vulnerability. Please update to the relevant version. https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/