{"id":2980,"date":"2024-01-24T14:47:30","date_gmt":"2024-01-24T06:47:30","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=2980"},"modified":"2024-01-24T14:47:31","modified_gmt":"2024-01-24T06:47:31","slug":"%e4%b8%ad%e5%9c%8b%e5%9c%8b%e5%ae%b6%e7%b4%9a%e9%a7%ad%e5%ae%a2%e5%88%a9%e7%94%a8vmware-%e9%97%9c%e9%8d%b5%e6%bc%8f%e6%b4%9e%e9%95%b7%e9%81%94%e5%85%a9%e5%b9%b4-cisa%e5%b0%87%e6%ad%a4%e8%b6%8a","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=2980","title":{"rendered":"\u4e2d\u570b\u570b\u5bb6\u7d1a\u99ed\u5ba2\u5229\u7528VMware \u95dc\u9375\u6f0f\u6d1e\u9577\u9054\u5169\u5e74 CISA\u5c07\u6b64\u8d8a\u754c\u5beb\u5165\u6f0f\u6d1e\u589e\u81f3\u5176\u5df2\u77e5\u906d\u6feb\u7528\u4e4b\u6f0f\u6d1e\u6e05\u55ae"},"content":{"rendered":"\n

1 \u6708 18 \u65e5\uff0cVMware <\/a>\u78ba\u8a8d CVE-2023-34048\u88ab\u5229\u7528\u5f8c\uff0cMandiant \u5c07\u8a72\u6d3b\u52d5\u6b78\u56e0\u65bc\u4e00\u500b\u8207\u4e2d\u570b\u95dc\u4fc2\u5bc6\u5207\u7684\u99ed\u5ba2\u7d44\u7e54\uff0c\u4e26\u900f\u9732\u8a72\u653b\u64ca\u6d3b\u52d5\u81f3\u5c11\u5f9e 2021 \u5e74\u5e95\u958b\u59cb\u3002\u6839\u64da Mandiant \u7684\u6700\u65b0\u7814\u7a76\uff0c\u81f3\u5c11\u81ea 2021 \u5e74\u5e95\u4ee5\u4f86\uff0c\u8207\u4e2d\u570b\u76f8\u95dc\u7684 APT \u7d44\u7e54UNC3886\u4e00\u76f4\u5728\u5229\u7528\u4e00\u500b\u7de8\u865f\u70bavCenter Server \u7684\u96f6\u65e5\u6f0f\u6d1eCVE-2023-34048 \u3002vCenter Server \u662f VMware \u865b\u64ec\u5316\u548c\u96f2\u7aef\u904b\u7b97\u8edf\u9ad4\u5957\u4ef6\u4e2d\u7684\u95dc\u9375\u5143\u4ef6\u3002\u5b83\u4f5c\u70baVMware\u865b\u64ec\u5316\u8cc7\u6599\u4e2d\u5fc3\u7684\u96c6\u4e2d\u5f0f\u7d9c\u5408\u7ba1\u7406\u5e73\u53f0\u3002Mandiant<\/a>\u5728\u5468\u4e94\u7684\u4e00\u4efd\u5831\u544a\u4e2d\u8868\u793a\uff1a\u201cUNC3886 \u64c1\u6709\u5229\u7528\u96f6\u65e5\u6f0f\u6d1e\u5728\u4e0d\u88ab\u767c\u73fe\u7684\u60c5\u6cc1\u4e0b\u5b8c\u6210\u653b\u64ca\u4efb\u52d9\u7684\u8a18\u9304\uff0c\u800c\u9019\u500b\u6700\u65b0\u7684\u4f8b\u5b50\u9032\u4e00\u6b65\u8b49\u660e\u4e86\u5b83\u5011\u7684\u80fd\u529b\u3002<\/p>\n\n\n\n

\"\"
Photo Credit: Mandiant<\/figcaption><\/figure>\n\n\n\n

\u53e6\u5916\uff0cCritical Start<\/a>\u7db2\u8def\u5a01\u8105\u7814\u7a76\u8cc7\u6df1\u7d93\u7406Callie Guenther\u8868\u793a\uff1a\u300cCVE-2023-34048 \u7684\u5229\u7528\u53cd\u6620\u4e86\u6df1\u539a\u7684\u6280\u8853\u654f\u92b3\u5ea6\uff0c\u986f\u793a\u5728\u8b58\u5225\u548c\u5229\u7528VMware \u7b49\u5ee3\u6cdb\u4f7f\u7528\u7684\u8edf\u9ad4\u4e2d\u7684\u8907\u96dc\u6f0f\u6d1e\u65b9\u9762\u5177\u6709\u9ad8\u6c34\u5e73\u7684\u719f\u7df4\u7a0b\u5ea6\u3002 \u300d<\/p>\n\n\n\n

\u53bb\u5e7410 <\/a>\u6708 25 \u65e5\uff0cVMware \u9996\u6b21\u63ed\u9732\u4e86\u4e00\u500b\u7de8\u865f\u70ba CVE-2023-34048 \u7684\u8d8a\u754c\u5beb\u5165\u6f0f\u6d1e(Out-of-bounds Write)\u4ee5\u53ca\u4e00\u500b\u7de8\u865f\u70ba CVE-2023-34056 \u7684\u90e8\u5206\u8cc7\u8a0a\u5916\u6d29\u6f0f\u6d1e\uff0c\u9019\u4e9b\u6f0f\u6d1e\u5f71\u97ff\u4e86 vCenter Server\u3002\u8a72\u4f9b\u61c9\u5546\u8b66\u544a\u8aaa\uff0c\u5229\u7528\u8d8a\u754c\u5beb\u5165\u6f0f\u6d1e\uff08CVSS\u8a55\u5206\u70ba 9.8\uff09\u53ef\u4f7f\u653b\u64ca\u8005\u80fd\u5920\u5728\u6613\u53d7\u653b\u64ca\u7684\u96fb\u8166\u4e0a\u9060\u7aef\u57f7\u884c\u7a0b\u5f0f\u78bc\u3002Mandiant \u7684\u7814\u7a76\u4eba\u54e1\u65bc 2022 \u5e74 9 \u6708\u9996\u6b21 \u8a73\u7d30\u4ecb\u7d39\u4e86\u8a72\u7d44\u7e54\u7684\u6d3b\u52d5\uff0c\u7576\u6642\u4ed6\u5011\u5728 VMware ESXi Hypervisor \u4e2d\u767c\u73fe\u4e86\u4e00\u7a2e\u65b0\u7a4e\u7684\u60e1\u610f\u8edf\u9ad4\u6301\u4e45\u6027\u6280\u8853\u3002\u60e1\u610f\u8edf\u9ad4\u4f5c\u8005\u4f7f\u7528\u8a72\u6280\u8853\u5728 VMware ESXi Hypervisor \u4e2d\u5be6\u73fe\u7ba1\u7406\u8a2a\u554f\uff0c\u4e26\u63a5\u7ba1\u9069\u7528\u65bc Windows \u548c Linux \u7684 vCenter \u4f3a\u670d\u5668\u548c\u865b\u64ec\u6a5f\u5668\u3002<\/p>\n\n\n\n

\u9019\u6b21\u653b\u64ca<\/a>\u7684\u9ad8\u5ea6\u91dd\u5c0d\u6027\u548c\u898f\u907f\u6027\u4f7f\u5c08\u5bb6\u5011\u76f8\u4fe1\uff0c\u653b\u64ca\u662f\u7531\u4e2d\u570b\u570b\u5bb6\u7d1a\u99ed\u5ba2 UNC3886\u51fa\u65bc\u7db2\u8def\u9593\u8adc\u76ee\u7684\u800c\u5be6\u65bd\u7684\u3002<\/p>\n\n\n\n

\u5728 Mandiant \u65bc 2022 \u5e74 9 \u6708\u8abf\u67e5\u7684\u653b\u64ca\u4e2d\uff0c\u653b\u64ca\u8005\u4f9d\u9760\u60e1\u610f vSphere \u5b89\u88dd\u5957\u4ef6 (VIB)\u5728 ESXi \u865b\u64ec\u6a5f\u5668\u7ba1\u7406\u7a0b\u5f0f\u4e0a\u5b89\u88dd\u5169\u500b\u5f8c\u9580\uff0c\u5206\u5225\u70ba VIRTUALPITA \u548c VIRTUALPIE\u3002 VIB \u662f\u8a2d\u8a08\u7528\u65bc\u7ba1\u7406\u865b\u64ec\u7cfb\u7d71\u7684\u6a94\u6848\u96c6\u5408\uff0c\u5b83\u5011\u53ef\u7528\u65bc\u5efa\u7acb\u555f\u52d5\u4efb\u52d9\u3001\u81ea\u8a02\u9632\u706b\u7246\u898f\u5247\u6216\u5728 ESXi \u96fb\u8166\u91cd\u65b0\u555f\u52d5\u6642\u90e8\u7f72\u81ea\u8a02\u4e8c\u9032\u4f4d\u3002Mandiant \u9032\u884c\u7684\u9032\u4e00\u6b65\u8abf\u67e5\u986f\u793a\uff0cUNC3886 \u7d44\u7e54\u4f7f\u7528\u4e86\u5176\u4ed6\u6280\u8853\u4f86\u91dd\u5c0d\u591a\u500b\u7d44\u7e54\u4ee5\u907f\u514d EDR \u89e3\u6c7a\u65b9\u6848\u3002<\/p>\n\n\n\n

Mandiant \u548c VMware Product Security \u5c0d\u201cvmdird\u201d \u6838\u5fc3\u5d29\u6f70\u6a94\u6848\u7684\u5206\u6790\u8868\u660e\uff0c\u9032\u7a0b\u5d29\u6f70\u8207 CVE-2023-34048 \u7684\u5229\u7528\u5bc6\u5207\u76f8\u95dc,<\/p>\n\n\n\n

2023\u5e74\u672b\uff0cMandiant \u6ce8\u610f\u5230 VMware vmdird \u670d\u52d9\u5728\u90e8\u7f72\u5f8c\u9580\u524d\u5e7e\u5206\u9418\u5c31\u7576\u6a5f\u3002Mandiant \u548c VMware Product Security \u5c0d\u300cvmdird\u300d\u6838\u5fc3\u5d29\u6f70\u6a94\u6848\u7684\u5206\u6790\u8868\u660e\uff0c\u9032\u7a0b\u7576\u6a5f\u8207 CVE-2023-34048 \u7684\u5229\u7528\u6709\u5bc6\u5207\u7684\u95dc\u4fc2\u3002Mandiant \u89c0\u5bdf\u5230 2021 \u5e74\u5e95\u81f3 2022 \u5e74\u521d\u671f\u9593\u767c\u751f\u4e86\u591a\u8d77 UNC3886 \u4e8b\u4ef6\u3002\u7814\u7a76\u4eba\u54e1\u9084\u6ce8\u610f\u5230\uff0c\u5728\u89c0\u5bdf\u5230\u9019\u4e9b\u5d29\u6f70\u7684\u5927\u591a\u6578\u74b0\u5883\u4e2d\uff0c\u65e5\u8a8c\u689d\u76ee\u88ab\u4fdd\u5b58\u4e86\u4e0b\u4f86\uff0c\u4f46\u300evmdird\u300f\u6838\u5fc3\u5d29\u6f70\u6a94\u6848\u672c\u8eab\u537b\u88ab\u522a\u9664<\/p>\n\n\n\n

\u201cVMware \u7684\u9810\u8a2d\u914d\u7f6e\u6703\u5c07\u6838\u5fc3\u5d29\u6f70\u6a94\u6848\u7121\u9650\u671f\u5730\u4fdd\u7559\u5728\u7cfb\u7d71\u4e0a\uff0c\u9019\u8868\u660e\u653b\u64ca\u8005\u6545\u610f\u522a\u9664\u4e86\u6838\u5fc3\u5d29\u6f70\u6a94\u6848\uff0c\u4ee5\u8a66\u5716\u63a9\u84cb\u5176\u8e2a\u8de1\u3002\u201d\u5831\u544a\u7e3d\u7d50\u9053\u3002 \u201c\u6b63\u5982 VMware \u901a\u5831\u4e2d\u63d0\u5230\u7684\uff0c\u6b64\u6f0f\u6d1e\u5df2\u5728 vCenter 8.0U2 \u4e2d\u5f97\u5230\u4fee\u88dc\uff0cMandiant \u5efa\u8b70 VMware \u7528\u6236\u66f4\u65b0\u5230\u6700\u65b0\u7248\u672c\u7684 vCenter\uff0c\u4ee5\u61c9\u5c0d\u6b64\u6f0f\u6d1e\u88ab\u5ee3\u6cdb\u5229\u7528\u7684\u60c5\u6cc1\u3002\u201d\u9031\u4e09\uff0cVMware \u4ee5\u65b0\u8cc7\u8a0a\u66f4\u65b0\u4e86<\/a>\u8a72\u901a\u5831\uff0c\u8b66\u544a\u5ba2\u6236\u8d8a\u754c\u5beb\u5165\u6f0f\u6d1e\u6b63\u53d7\u5230\u653b\u64ca\u3002<\/p>\n\n\n\n

\u6839\u64daShadowserver Foundation \u7684\u6578\u64da<\/a>\uff0c\u76ee\u524d\u6709\u6578\u767e\u500b\u66b4\u9732\u65bc\u7db2\u969b\u7db2\u8def\u7684 VMware vCenter Server \u57f7\u884c\u500b\u9ad4\u53ef\u80fd\u5b58\u5728\u6f0f\u6d1e\u3002<\/p>\n\n\n\n

\"\"
Photo Credit: CISA<\/figcaption><\/figure>\n\n\n\n

VMware \u7522\u54c1\u6210\u70ba\u60e1\u610f\u653b\u64ca\u8005\u653b\u64ca\u76ee\u6a19\u7684\u60c5\u6cc1\u4e26\u4e0d\u5c11\u898b\u3002\u7f8e\u570b\u5b89\u5168\u6a5f\u69cb CISA \u7dad\u8b77\u7684\u5df2\u77e5\u906d\u6feb\u7528\u4e4b\u6f0f\u6d1e\u6e05\u55ae\u76ee\u524d\u5305\u62ec 21 \u500bVMware \u7522\u54c1\u6f0f\u6d1e<\/a>\u3002\u4eca\u5929(1\u670824\u65e5)CISA\u5728\u5176\u5df2\u77e5\u906d\u6feb\u7528\u4e4b\u6f0f\u6d1e\u6e05\u55ae(KEV)\u4e2d\u65b0\u589e\u4e86CVE-2023-34048\u6f0f\u6d1e\uff0c\u4e26\u4e0b\u4ee4\u806f\u90a6\u6a5f\u69cb\u5728 2024 \u5e74 2 \u6708 12 \u65e5\u4e4b\u524d\u4fee\u5fa9\u6b64\u6f0f\u6d1e\uff0c\u4e5f\u5efa\u8b70\u79c1\u4eba\u6a5f\u69cb\u5be9\u67e5\u8a72\u6e05\u55ae\u4e26\u89e3\u6c7a\u5176\u57fa\u790e\u8a2d\u65bd\u4e2d\u7684\u6f0f\u6d1e\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

1 \u6708 18 \u65e5\uff0cVMware \u78ba\u8a8d CVE-2023-34048\u88ab\u5229\u7528\u5f8c\uff0cMandiant \u5c07\u8a72\u6d3b\u52d5\u6b78\u56e0\u65bc\u4e00 READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[174,249],"class_list":["post-2980","post","type-post","status-publish","format-standard","hentry","category-6","tag-news","tag-249"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2980","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2980"}],"version-history":[{"count":1,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2980\/revisions"}],"predecessor-version":[{"id":2983,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2980\/revisions\/2983"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2980"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2980"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2980"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}