{"id":1823,"date":"2022-04-01T15:25:12","date_gmt":"2022-04-01T07:25:12","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=1823"},"modified":"2022-04-01T15:25:43","modified_gmt":"2022-04-01T07:25:43","slug":"cisa%e4%b8%8b%e4%bb%a4%e8%a6%81%e6%b1%82%e8%81%af%e9%82%a6%e6%a9%9f%e6%a7%8b%e4%b8%89%e9%80%b1%e5%85%a7%e4%bf%ae%e8%a3%9c%e5%a5%bd%e5%85%ab%e5%80%8b%e6%bc%8f%e6%b4%9e%ef%bc%8c%e5%8c%85%e5%90%absophos","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=1823","title":{"rendered":"CISA\u4e0b\u4ee4\u8981\u6c42\u806f\u90a6\u6a5f\u69cb\u4e09\u9031\u5167\u4fee\u88dc\u597d\u516b\u500b\u6f0f\u6d1e\uff0c\u5305\u542bSophos \u9632\u706b\u7246\u7684\u91cd\u5927\u6f0f\u6d1e\uff0c\u53e6\u5916\uff0c\u5408\u52e4\u4fee\u88dc\u4e86\u5f71\u97ff\u9632\u706b\u7246\u548c VPN \u8a2d\u5099\u7684\u91cd\u5927\u6f0f\u6d1e"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/04\/image-1.png\" alt=\"\" class=\"wp-image-1825\" width=\"865\" height=\"413\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/04\/image-1.png 865w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/04\/image-1-300x143.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/04\/image-1-768x367.png 768w\" sizes=\"auto, (max-width: 865px) 100vw, 865px\" \/><figcaption>\u516b\u500b\u806f\u90a6\u6a5f\u69cb\u9700\u8981\u5728 4 \u6708 21 \u65e5\u524d\u4fee\u88dc\u597d\u7684\u6f0f\u6d1e<\/figcaption><\/figure>\n\n\n\n<p>\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u53ca\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40(CISA) \u5df2\u65bc\u9031\u56db (3\u6708 31 \u65e5) \u4e0b\u4ee4\u806f\u90a6\u6a5f\u69cb\u57284 \u6708 21 \u65e5\u4e4b\u524d\u4fee\u88dc\u4e00\u500b\u91cd\u5927\u7684 Sophos \u9632\u706b\u7246\u6f0f\u6d1e\u548c\u5176\u4ed67\u500b\u6f0f\u6d1e\uff0c\u6240\u6709\u9019\u4e9b\u6f0f\u6d1e\u90fd\u5728\u6301\u7e8c\u906d\u99ed\u5ba2\u9396\u5b9a\u3002\u6b63\u5982<a href=\"https:\/\/www.sophos.com\/en-us\/security-advisories\/sophos-sa-20220325-sfos-rce\">Sophos<\/a> \u5728\u4e09\u6708\u4e0b\u65ec\u62ab\u9732\u7684\u90a3\u6a23\uff0c\u7de8\u865fCVE-2022-1040 \u7684\u9a57\u8b49\u7e5e\u904e\u6f0f\u6d1e\u4f7f\u653b\u64ca\u8005\u80fd\u5920\u901a\u904e\u7528\u6236\u5165\u53e3\u7db2\u7ad9\u548cWeb\u7ba1\u7406\u4ecb\u9762\uff0c\u7e5e\u904e\u8eab\u4efd\u9a57\u8b49\u4e26\u80fd\u8b93\u653b\u64ca\u8005\u9060\u7aef\u57f7\u884c\u7a0b\u5f0f\u78bc\uff0c\u6b64\u6f0f\u6d1eCVSS 3.1\u98a8\u96aa\u503c\u90549.8\uff0cSophos\u5728\u66f4\u65b0\u6539\u5176\u5b89\u5168\u516c\u544a\u6642\uff0c\u7a31\u767c\u73fe\u90e8\u5206\u4f4d\u65bc\u5357\u4e9e\u5730\u5340\u7528\u6236\u906d\u99ed\u5ba2\u9396\u5b9a\u3002<\/p>\n\n\n\n<p>CISA \u9084\u547d\u4ee4\u806f\u90a6\u6a5f\u69cb\u4fee\u88dc\u8da8\u52e2\u79d1\u6280\u7684Apex Central \u7522\u54c1\u7ba1\u7406\u63a7\u5236\u53f0\u4e2d\u7684\u4e00\u500b\u9ad8\u56b4\u91cd\u6027\u4efb\u610f\u6a94\u6848\u4e0a\u50b3\u6f0f\u6d1eCVE-2022-26871\uff0cCVSS\u98a8\u96aa\u503c\u90548.6\uff0c\u8a72\u6f0f\u6d1e\u53ef\u5728\u9060\u7aef\u57f7\u884c\u7a0b\u5f0f\u78bc\u57f7\u884c\u653b\u64ca\u4e2d\u88ab\u6feb\u7528\u3002\u9031\u4e8c( 3\u670829\u65e5)\uff0c\u8da8\u52e2\u79d1\u6280\u8868\u793a\uff0c\u89c0\u5bdf\u5230\u5df2\u6709\u99ed\u5ba2\u5728\u7a4d\u6975\u7684\u5617\u8a66\u958b\u63a1\u6f0f\u6d1e\u3002<\/p>\n\n\n\n<p>\u64da<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-agencies-to-patch-actively-exploited-sophos-firewall-bug\/\">BleepingComputer<\/a>\u5831\u5c0e\uff0cCISA \u4eca\u5929\u5728\u5176\u5df2\u77e5\u88ab\u958b\u63a1\u6f0f\u6d1e(\u00a0<a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"noreferrer noopener\">Known Exploited Vulnerabilities Catalog<\/a>)\u6e05\u55ae\u4e2d\u589e\u52a0\u4e86\u516d\u500b\u6f0f\u6d1e\uff0c\u6240\u6709\u9019\u4e9b\u6f0f\u6d1e\u4e5f\u5728\u6301\u7e8c\u7684\u906d\u99ed\u5ba2\u9396\u5b9a\u3002\u6839\u64da 2021 \u5e74 11 \u6708\u6839\u64da\u5177\u6709\u7d04\u675f\u6027\u4f5c\u696d\u6307\u5f15(BOD 22-01)\uff0c\u806f\u90a6\u6c11\u4e8b\u884c\u653f\u90e8\u9580\u6a5f\u69cb (FCEB)\u5fc5\u9808\u4fdd\u8b77\u5176\u7cfb\u7d71\u514d\u53d7\u9019\u4e9b\u5b89\u5168\u6f0f\u6d1e\u7684\u5f71\u97ff\uff0cCISA\u8981\u6c42\u4ed6\u5011\u5728 4 \u6708 21 \u65e5\u4e4b\u524d\u4fee\u88dc\u597d\u4eca\u5929\u589e\u52a0\u7684\u6f0f\u6d1e\u3002<\/p>\n\n\n\n<p>CISA\u89e3\u91cb\u8aaa\uff1a\u201c\u9019\u4e9b\u985e\u578b\u7684\u6f0f\u6d1e\u662f\u6240\u6709\u985e\u578b\u7684\u60e1\u610f\u7db2\u8def\u53c3\u8207\u8005\u7684\u5e38\u898b\u653b\u64ca\u5a92\u4ecb\uff0c\u4e26\u5c0d\u806f\u90a6\u4f01\u696d\u69cb\u6210\u91cd\u5927\u98a8\u96aa \u3002 \u201d\u96d6\u7136 BOD 22-01 \u6307\u4ee4\u50c5\u9069\u7528\u65bc FCEB \u6a5f\u69cb\uff0c\u4f46 CISA \u9084\u6566\u4fc3\u79c1\u71df\u548c\u516c\u5171\u90e8\u9580\u7d44\u7e54\u512a\u5148\u4fee\u88dc\u9019\u4e9b\u7a4d\u6975\u6feb\u7528\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c\u4ee5\u6e1b\u5c11\u5176\u7db2\u7d61\u906d\u53d7\u6301\u7e8c\u7db2\u8def\u653b\u64ca\u7684\u98a8\u96aa\u3002\u5728\u767c\u5e03\u6b64\u7d81\u5b9a\u6307\u4ee4\u5f8c\uff0cCISA \u5728\u5176\u7a4d\u6975\u5229\u7528\u7684\u6f0f\u6d1e\u5217\u8868\u4e2d\u6dfb\u52a0\u4e86\u6578\u767e\u500b\u6f0f\u6d1e\uff0c\u8981\u6c42\u7f8e\u570b\u806f\u90a6\u6a5f\u69cb\u76e1\u5feb\u4fee\u88dc\u5b83\u5011\u4ee5\u9632\u6b62\u5b89\u5168\u6f0f\u6d1e\u3002<\/p>\n\n\n\n<p>\u81ea\u4eca\u5e74\u5e74\u521d\u4ee5\u4f86\uff0c\u7db2\u8def\u5b89\u5168\u6a5f\u69cb\u9084\u4e0b\u4ee4\u5404\u6a5f\u69cb\u4fee\u88dc\u7a4d\u6975\u5229\u7528\u7684\u96f6\u65e5\u6f0f\u6d1e\uff1a<\/p>\n\n\n\n<p>Google\u700f\u89bd\u5668(CVE-2022-1096)<\/p>\n\n\n\n<p>Mozilla \u7684 Firefox \u7db2\u7d61\u700f\u89bd\u5668 (CVE-2022-26485)<\/p>\n\n\n\n<p>Google Chrome (CVE-2022-0609) \u548c Adob\u200b\u200be Commerce\/Magento \u958b\u6e90 (CVE-2022-24086)<\/p>\n\n\n\n<p>iPhone\u3001iPad \u548c Mac\u00a0 (CVE-2022-22620)<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"865\" height=\"332\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/04\/image.png\" alt=\"\" class=\"wp-image-1824\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/04\/image.png 865w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/04\/image-300x115.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/04\/image-768x295.png 768w\" sizes=\"auto, (max-width: 865px) 100vw, 865px\" \/><figcaption>\u5408\u52e4\u767c\u5e03\u7684\u5b89\u5168\u516c\u544a<\/figcaption><\/figure>\n\n\n\n<p>3\u670829\u65e5\u7db2\u8def\u8a2d\u5099\u88fd\u9020\u5546\u5408\u52e4 (Zyxel )\u5df2\u91dd\u5c0d\u5f71\u97ff\u5176\u90e8\u5206\u4f01\u696d\u7d1a\u9632\u706b\u7246\u548c VPN \u7522\u54c1\u7684\u97cc\u9ad4\u91cd\u5927\u6f0f\u6d1e\u91cb\u51fa\u5b89\u5168\u66f4\u65b0\uff0c\u8a72\u6f0f\u6d1e\u53ef\u80fd\u4f7f\u653b\u64ca\u8005\u80fd\u5920\u63a7\u5236\u8a2d\u5099\u3002\u5728\u67d0\u4e9b\u9632\u706b\u7246\u7248\u672c\u7684 CGI \u7a0b\u5f0f\u4e2d\u767c\u73fe\u4e86\u4e00\u500b\u7531\u65bc\u7f3a\u4e4f\u9069\u7576\u7684\u5b58\u53d6\u63a7\u5236\u6a5f\u5236\u800c\u5c0e\u81f4\u7e5e\u904e\u8eab\u4efd\u9a57\u8b49\u7684\u6f0f\u6d1e\uff0c\u5408\u52e4\u767c\u5e03\u7684\u5b89\u5168\u516c\u544a\u4e2d\u8868\u793a\uff0c\u8a72\u6f0f\u6d1e\u53ef\u80fd\u5141\u8a31\u653b\u64ca\u8005\u7e5e\u904e\u8eab\u4efd\u9a57\u8b49\u4e26\u7372\u5f97\u5c0d\u8a2d\u5099\u7684\u7ba1\u7406\u5b58\u53d6\u6b0a\u9650\u3002\u8a72\u6f0f\u6d1e\u7684\u7de8\u865f\u70baCVE-2022-0342\uff0c\u7f8e\u570b\u570b\u5bb6\u6a19\u6e96\u8207\u6280\u8853\u7814\u7a76\u9662 (NIST) \u5c1a\u672a\u5c0d\u98a8\u96aa\u503c\u63d0\u4f9b\u8a55\u5206\uff0c\u4f46\u5408\u52e4\u7684\u8a55\u4f30\u7d66\u51fa\u4e86 9.8 \u5206\uff08\u6eff\u5206 10 \u5206\uff09\uff0cCVE-2022-0342\u6d89\u53ca USG\/ZyWALL\u3001USG FLEX\u3001ATP\u3001VPN \u548c NSG\uff08\u661f\u96f2\u5b89\u5168\u7db2\u95dc\uff09\u7cfb\u5217\u7684\u7522\u54c1\u3002<\/p>\n\n\n\n<p>\u4ee5\u4e0b\u5408\u52e4\u7522\u54c1\u53d7\u5230\u5f71\u97ff\u2014\u2014<\/p>\n\n\n\n<p>USG\/ZyWALL\u7cfb\u5217\u97cc\u9ad4\u7248\u672c ZLD V4.20 \u5230 ZLD V4.70\uff08\u5408\u52e4\u5df2\u91cb\u51fa\u66f4\u65b0\u7248\u97cc\u9ad4ZLD V4.71\uff09<\/p>\n\n\n\n<p>USG FLEX \u7cfb\u5217\u97cc\u9ad4\u7248\u672c ZLD V4.50 \u81f3 ZLD V5.20\uff08\u5408\u52e4\u5df2\u91cb\u51fa\u66f4\u65b0\u7248\u97cc\u9ad4ZLD V5.21\uff09<\/p>\n\n\n\n<p>ATP \u7cfb\u5217\u97cc\u9ad4\u7248\u672c ZLD V4.32 \u81f3 ZLD V5.20\uff08\u5408\u52e4\u5df2\u91cb\u51fa\u66f4\u65b0\u7248\u97cc\u9ad4 ZLD V5.21\uff09<\/p>\n\n\n\n<p>VPN \u7cfb\u5217\u97cc\u9ad4\u7248\u672c ZLD V4.30 \u81f3 ZLD V5.20\uff08\u5408\u52e4\u5df2\u91cb\u51fa\u66f4\u65b0\u7248\u97cc\u9ad4ZLD V5.21 \uff09<\/p>\n\n\n\n<p>\u91dd\u5c0dNSG\u7cfb\u5217\uff0c\u5408\u52e4\u76ee\u524d\u91cb\u51faHotfix\uff0c\u9810\u8a085\u67085\u65e5\u91cb\u51fa\u6a19\u6e96\u4fee\u88dc\u7a0b\u5f0fV1.33 Patch 5<\/p>\n\n\n\n<p>\u96d6\u7136\u6c92\u6709\u8b49\u64da\u8868\u660e\u8a72\u6f0f\u6d1e\u5df2\u88ab\u5ee3\u6cdb\u5229\u7528\uff0c\u4f46\u5408\u52e4\u5efa\u8b70\u7528\u6236\u61c9\u5118\u901f\u66f4\u65b0\u97cc\u9ad4\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u53ca\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40(CISA) \u5df2\u65bc\u9031\u56db (3\u6708 31 \u65e5) \u4e0b\u4ee4\u806f\u90a6\u6a5f\u69cb\u57284 \u6708 21 \u65e5\u4e4b\u524d\u4fee\u88dc <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=1823\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[174],"class_list":["post-1823","post","type-post","status-publish","format-standard","hentry","category-6","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1823","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1823"}],"version-history":[{"count":2,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1823\/revisions"}],"predecessor-version":[{"id":1827,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/1823\/revisions\/1827"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1823"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1823"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1823"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}