[Administrative Announcement]

Announcing unit: Library and Information Services, Digital Services Section
Message type: Administrative announcement
Audience: All
Subject: [Security Vulnerability Alert] CISA adds 10 known exploited vulnerabilities to the KEV catalog (2025/09/29-2025/10/05)
Announcement content:
Forwarded from the Taiwan Computer Network Crisis Response and Coordination Center (TWCERTCC-200-202510-00000003)

[Description]
1. [CVE-2025-32463] Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVSS v3.1: 9.3)
[Exploited by Ransomware: Unknown] Sudo versions prior to 1.9.17p1 contain a vulnerability that allows local users to gain root privileges. This occurs when the --chroot option is used, using the /etc/nsswitch.conf file from a user-controlled directory.
[Affected Platforms] Please refer to the official list of affected versions.
https://www.sudo.ws/security/advisories/chroot_bug/

2. [CVE-2025-59689] Libraesva Email Security Gateway Command Injection Vulnerability (CVSS v3.1: 6.1)
[Exploited by Ransomware: Unknown] Libraesva Email Security Gateway (ESG) has a command injection vulnerability that allows command injection attacks via compressed email attachments.
[Affected Platforms] Please refer to the official list of affected versions.
https://docs.libraesva.com/knowledgebase/security-advisory-command-injection-vulnerability-cve-2025-59689/

3. [CVE-2025-10035] Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 10.0)
[Exploited by Ransomware: Known] Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability. It allows an attacker to forge a valid license-response signature and have an arbitrary attacker-controlled object deserialized, potentially leading to command injection.
[Affected Platforms] Please refer to the official list of affected versions.
https://www.fortra.com/security/advisories/product-security/fi-2025-012

4. [CVE-2025-20352] Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability (CVSS v3.1: 7.7)
[Exploited by Ransomware: Unknown] Cisco IOS and IOS XE contain a stack-based buffer overflow vulnerability in the SNMP subsystem, potentially leading to a denial of service (DoS) or remote code execution.
[Affected Platforms] Please refer to the official list of affected versions.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte

5. [CVE-2021-21311] Adminer Server-Side Request Forgery Vulnerability (CVSS v3.1: 7.2)
[Exploited by Ransomware: Unknown] A server-side request forgery (SSRF) vulnerability in Adminer, if exploited, could allow a remote attacker to obtain potentially sensitive information.
[Affected Platforms] Please refer to the official list of affected versions.
https://github.com/vrana/adminer/security/advisories/GHSA-x5r2-hj5c-8jx6

6. [CVE-2014-6278] GNU Bash OS Command Injection Vulnerability (CVSS v3.1: 8.8)
[Exploited by Ransomware: Unknown] GNU Bash contains an operating system command injection vulnerability that allows a remote attacker to execute arbitrary commands via a crafted environment variable.
[Affected Platforms] GNU Bash versions 1.14 to 4.3 (inclusive)

7. [CVE-2017-1000353] Jenkins Remote Code Execution Vulnerability (CVSS v3.1: 9.8)
[Exploited by Ransomware: Unknown] Jenkins contains a remote code execution vulnerability. It allows an attacker to send a serialized Java SignedObject to the remoting-based Jenkins CLI; the object is deserialized with a new ObjectInputStream, bypassing the existing blocklist-based protection.
[Affected Platforms] Please refer to the official list of affected versions.
https://www.jenkins.io/security/advisory/2017-04-26/

8. [CVE-2015-7755] Juniper ScreenOS Improper Authentication Vulnerability (CVSS v3.1: 9.8)
[Exploited by Ransomware: Unknown] Juniper ScreenOS contains an improper authentication vulnerability that could allow unauthorized remote administrative access to the device.
[Affected Platforms] Please refer to the official list of affected versions.
https://supportportal.juniper.net/s/article/2015-12-Out-of-Cycle-Security-Bulletin-ScreenOS-Multiple-Security-issues-with-ScreenOS-CVE-2015-7755-CVE-2015-7756

9. [CVE-2025-21043] Samsung Mobile Devices Out-of-Bounds Write Vulnerability (CVSS v3.1: 8.8)
[Exploited by Ransomware: Unknown] Samsung mobile devices have an out-of-bounds write vulnerability in libimagecodec.quram.so, allowing remote attackers to execute arbitrary code.
[Affected Platforms] Please refer to the official list of affected versions.
https://security.samsungmobile.com/securityUpdate.smsb

10. [CVE-2025-4008] Smartbedded Meteobridge Command Injection Vulnerability (CVSS v3.1: 8.8)
[Exploited by Ransomware: Unknown] A command injection vulnerability in Smartbedded Meteobridge could allow an unauthenticated remote attacker to execute arbitrary commands with elevated (root) privileges on an affected device.
[Affected Platforms] Please refer to the official list of affected versions.
https://forum.meteohub.de/index.php

[Affected Platforms]
See the [Affected Platforms] line of each entry under [Description] above.
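As an added example (not part of the TWCERT/CC advisory or of this announcement), the following Python script shows how an asset owner could screen collected version strings against the two entries above that state explicit version boundaries: sudo before 1.9.17p1 (CVE-2025-32463) and GNU Bash 1.14 through 4.3 inclusive (CVE-2014-6278). The host names and version strings in the sample inventory are constructed; the only assumption about real tools is the first-line format of `sudo --version` and `bash --version`. Distribution vendors often backport fixes without changing the upstream version string, so a match here flags a host for follow-up against the vendor's package advisory rather than confirming exposure, and unparseable output is reported as unknown instead of being treated as safe.

```python
import re
from typing import Dict, List, Optional, Tuple

# Boundaries exactly as stated in the advisory entries above.
SUDO_FIXED = ((1, 9, 17), 1)             # CVE-2025-32463: fixed in sudo 1.9.17p1
BASH_AFFECTED_RANGE = ((1, 14), (4, 3))  # CVE-2014-6278: bash 1.14 .. 4.3 inclusive


def parse_sudo_version(output: str) -> Optional[Tuple[Tuple[int, ...], int]]:
    """Parse the first line of `sudo --version`, e.g. 'Sudo version 1.9.15p5',
    into ((1, 9, 15), 5). A release with no 'pN' suffix gets patch level 0,
    so that 1.9.17 sorts below 1.9.17p1 under tuple comparison."""
    m = re.search(r"Sudo version (\d+(?:\.\d+)*)(?:p(\d+))?", output)
    if m is None:
        return None
    release = tuple(int(part) for part in m.group(1).split("."))
    patch = int(m.group(2)) if m.group(2) else 0
    return release, patch


def parse_bash_version(output: str) -> Optional[Tuple[int, int]]:
    """Parse `bash --version`, e.g. 'GNU bash, version 4.3.48(1)-release',
    into (4, 3); the advisory's range is expressed in major.minor only."""
    m = re.search(r"GNU bash, version (\d+)\.(\d+)", output)
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2))


def sudo_affected(output: str) -> Optional[bool]:
    """True if the reported sudo release is older than 1.9.17p1; None if unparseable."""
    parsed = parse_sudo_version(output)
    return None if parsed is None else parsed < SUDO_FIXED


def bash_affected(output: str) -> Optional[bool]:
    """True if the reported bash major.minor lies in 1.14 .. 4.3 inclusive."""
    parsed = parse_bash_version(output)
    if parsed is None:
        return None
    low, high = BASH_AFFECTED_RANGE
    return low <= parsed <= high


def assess(inventory: Dict[str, Dict[str, str]]) -> List[Tuple[str, str]]:
    """Return (host, finding) pairs for every host whose collected version
    string falls inside an affected range. Output that cannot be parsed is
    reported as 'unknown' so that it is not silently treated as safe."""
    checks = {
        "sudo": ("CVE-2025-32463", sudo_affected),
        "bash": ("CVE-2014-6278", bash_affected),
    }
    findings: List[Tuple[str, str]] = []
    for host, outputs in sorted(inventory.items()):
        for tool, (cve, check) in checks.items():
            if tool not in outputs:
                continue
            result = check(outputs[tool])
            if result is None:
                findings.append((host, f"{cve}: unknown (could not parse {tool} version)"))
            elif result:
                findings.append((host, cve))
    return findings


# Constructed sample inventory (hypothetical hosts, not real systems). In
# practice each string would be collected by running `sudo --version` and
# `bash --version` on the host and recording the first line.
SAMPLE_INVENTORY = {
    "build-01": {"sudo": "Sudo version 1.9.15p5", "bash": "GNU bash, version 5.2.21(1)-release"},
    "legacy-02": {"sudo": "Sudo version 1.9.17p1", "bash": "GNU bash, version 4.3.48(1)-release"},
    "edge-03": {"sudo": "sudo: command not found", "bash": "GNU bash, version 4.4.20(1)-release"},
}

if __name__ == "__main__":
    for host, finding in assess(SAMPLE_INVENTORY):
        print(f"{host}: {finding}")
```

Run as-is, the script lists build-01 for the sudo entry, edge-03 as unknown for sudo (no parseable version), and legacy-02 for the Bash entry; legacy-02's sudo 1.9.17p1 is exactly the fixed release and is not flagged. Tuple comparison is used deliberately so that the "p" patch level participates in ordering without a separate version library.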

[Recommended Actions]
1. [CVE-2025-32463] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://www.sudo.ws/security/advisories/chroot_bug/

2. [CVE-2025-59689] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://docs.libraesva.com/knowledgebase/security-advisory-command-injection-vulnerability-cve-2025-59689/

3. [CVE-2025-10035] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://www.fortra.com/security/advisories/product-security/fi-2025-012

4. [CVE-2025-20352] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte

5. [CVE-2021-21311] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://github.com/vrana/adminer/security/advisories/GHSA-x5r2-hj5c-8jx6

6. [CVE-2014-6278] This vulnerability may affect open-source components, third-party libraries, protocols, or specific implementations; apply the mitigations released for your product.

7. [CVE-2017-1000353] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://www.jenkins.io/security/advisory/2017-04-26/

8. [CVE-2015-7755] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://supportportal.juniper.net/s/article/2015-12-Out-of-Cycle-Security-Bulletin-ScreenOS-Multiple-Security-issues-with-ScreenOS-CVE-2015-7755-CVE-2015-7756

9. [CVE-2025-21043] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://security.samsungmobile.com/securityUpdate.smsb

10. [CVE-2025-4008] The vendor has released a fix for this vulnerability; update to a fixed version as listed in the advisory.
https://forum.meteohub.de/index.php
Announcement period: 2025/10/9 to 2026/4/9