內容說明

CISA於9/22至9/28在Known Exploited Vulnerabilities Catalog(KEV)中發布3個已遭駭客利用之漏洞。

 

影響平台

Cisco｜Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
Google｜Chromium V8

 

處置建議

 
修補說明請參考以下官方連結：

Cisco｜Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices
https://www.cisa.gov/news-events/directives/supplemental-direction-ed-25-03-core-dump-and-hunt-instructions
https://www.cisa.gov/eviction-strategies-tool/create-from-template
https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks
https://sec.cloudapps.cisco.com/security/center/private/resources/asa_ftd_continued_attacks#Details
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB

Google｜Chromium V8
https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html

 

CVE編號

CVE-2025-10585
CVE-2025-20333
CVE-2025-20362
 
 

參考資料

1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
2. https://nvd.nist.gov/vuln/detail/CVE-2025-10585
3. https://nvd.nist.gov/vuln/detail/CVE-2025-20333
4. https://nvd.nist.gov/vuln/detail/CVE-2025-20362

新聞來源：https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alerts/cafd90d7-c0f5-4f37-b0b0-142aa00d109e/
發布日期：01/10/2025