{"id":3005,"date":"2024-02-19T16:15:05","date_gmt":"2024-02-19T08:15:05","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=3005"},"modified":"2024-02-19T16:15:06","modified_gmt":"2024-02-19T08:15:06","slug":"cisa-%e8%ad%a6%e5%91%8a%ef%bc%9aakira-%e5%8b%92%e7%b4%a2%e8%bb%9f%e9%ab%94%e5%88%a9%e7%94%a8-cisco-asa-ftd-%e4%b8%ad%e5%ad%98%e5%9c%a8%e7%9a%84%e6%bc%8f%e6%b4%9e","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=3005","title":{"rendered":"CISA \u8b66\u544a\uff1aAkira \u52d2\u7d22\u8edf\u9ad4\u5229\u7528 Cisco ASA\/FTD \u4e2d\u5b58\u5728\u7684\u6f0f\u6d1e"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

\u7f8e\u570b\u7db2\u969b\u5b89\u5168\u66a8\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40 (CISA) \u9031\u56db(2\/15)\u5728\u5df2\u77e5\u906d\u6feb\u7528\u4e4b\u6f0f\u6d1e\u6e05\u55ae ( KEV )\u4e2d\u65b0\u589e\u4e86\u4e00\u500b\u601d\u79d1\u73fe\u5df2\u4fee\u88dc\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c\u6709\u5831\u544a\u6307\u51faAkira \u52d2\u7d22\u8edf\u9ad4\u5229\u7528\u601d\u79d1\u81ea\u9069\u61c9\u5b89\u5168\u8a2d\u5099\uff08Cisco Adaptive Security Appliance\uff0cASA\uff09\u548c\u601d\u79d1\u5a01\u8105\u9632\u79a6\u7cfb\u7d71\uff08Cisco Firepower Threat Defense\uff0cFTD\uff09\u4e2d\u5148\u524d\u4fee\u88dc\u7684\u5b89\u5168\u6f0f\u6d1e\u3002\u8a72\u6f0f\u6d1e\u88ab\u7a31\u70baCVE-2020-3259<\/a>\uff08CVSS \u8a55\u5206\uff1a7.5\uff09\uff0c\u9019\u662f\u4e00\u500b\u9ad8\u56b4\u91cd\u6027\u7684\u8cc7\u8a0a\u5916\u6d29\u6f0f\u6d1e\uff0c\u653b\u64ca\u8005\u7121\u9700\u7d93\u904e\u6388\u6b0a\uff0c\u4fbf\u53ef\u901a\u904e\u5229\u7528\u8a72\u6f0f\u6d1e\u6aa2\u7d22\u53d7\u5f71\u97ff\u8a2d\u5099\u4e0a\u7684\u8a18\u61b6\u9ad4\u5167\u5bb9\uff0c\u9032\u884c\u985e\u4f3c\u5982\u4e0b\u6240\u793a\u7684\u60e1\u610f\u653b\u64ca\uff1a<\/p>\n\n\n\n

\u9060\u7aef\u7372\u53d6\u9023\u63a5\u5230\u601d\u79d1VPN\u7528\u6236\u7684\u7576\u524dSession ID\uff0c\u5f71\u97ff\u7528\u6236\u7684\u6b63\u5e38\u4f7f\u7528\uff1b<\/p>\n\n\n\n

\u5229\u7528\u7372\u53d6\u5230\u7684\u7528\u6236\u7576\u524dSession ID\uff0c\u767b\u9304\u601d\u79d1VPN\u5ba2\u6236\u7aef\uff0c\u5f9e\u800c\u6ef2\u900f\u5230\u516c\u53f8\u7684\u5167\u90e8\u7db2\u8def\uff1b<\/p>\n\n\n\n

\u9060\u7aef\u7372\u53d6\u601d\u79d1ASA\u5167\u5b58\u4e2d\u7684\u5176\u4ed6\u6a5f\u5bc6\u8cc7\u8a0a\uff0c\u5982\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\u3001\u6191\u8b49\u7b49\u3002<\/p>\n\n\n\n

\u4f5c\u70ba 2020 \u5e74<\/a> 5 \u6708\u767c\u5e03\u7684\u66f4\u65b0\u7684\u4e00\u90e8\u5206\uff0c\u601d\u79d1\u5c0d\u5176\u9032\u884c\u4e86\u4fee\u88dc\u3002\u4f46\u7531\u65bc\u6700\u8fd1\u88ab\u767c\u73feAkira \u52d2\u7d22\u8edf\u9ad4\u5728\u653b\u64ca\u4e2d\u4f7f\u7528\uff0c\u6545\u5df2\u88ab\u6dfb\u52a0\u5230 CISA \u7684\u5df2\u77e5\u906d\u6feb\u7528\u4e4b\u6f0f\u6d1e\u6e05\u55ae ( KEV )\u4e2d\u3002\u4e0a\u500b\u6708\u672b\uff0c\u7db2\u8def\u5b89\u5168\u516c\u53f8 Truesec \u8868\u793a<\/a>\uff0c\u5b83\u767c\u73fe\u7684\u8b49\u64da\u8868\u660e\uff0c\u5728\u904e\u53bb\u7684\u4e00\u5e74\u88e1\uff0cAkira \u52d2\u7d22\u8edf\u9ad4\u653b\u64ca\u8005\u5df2\u5c07\u5176\u6b66\u5668\u5316\uff0c\u4ee5\u5371\u5bb3\u591a\u500b\u6613\u53d7\u653b\u64ca\u7684 Cisco Anyconnect SSL VPN \u8a2d\u5099\u3002Truesec\u57f7\u884c\u7684\u516b\u500b\u6700\u65b0\u4e8b\u4ef6\u56de\u61c9\u4efb\u52d9\u9032\u884c\u7684\u5206\u6790\uff08\u5176\u4e2d\u90e8\u7f72\u4e86Akira \u52d2\u7d22\u8edf\u9ad4\uff0c\u4e26\u4e14\u88ab\u78ba\u8a8dCisco Anyconnect SSL VPN\u70ba\u5165\u53e3\u9ede\uff09\u986f\u793a\uff0c\u81f3\u5c11\u6709\u516d\u53f0\u53d7\u611f\u67d3\u7684\u8a2d\u5099\u6b63\u5728\u904b\u884c\u4e0d\u540c\u7248\u672c\u7684\u6613\u53d7\u653b\u64ca\u7684\u8a2d\u5099\u3002<\/p>\n\n\n\n

\u64da Palo Alto Networks Unit 42 \u7a31<\/a>\uff0cAkira \u662f 2023 \u5e74\u65b0\u8a2d\u7acb\u52d2\u7d22\u8edf\u9ad4\u7684 25 \u500b\u7d44\u7e54\u4e4b\u4e00\uff0c\u65bc3 \u6708\u9996\u6b21\u88ab\u767c\u73fe\u3002Akira\u516c\u958b\u8072\u7a31\u6709\u8fd1 200 \u540d\u53d7\u5bb3\u8005\uff0c\u64da\u4fe1Akria\u8207\u81ed\u540d\u662d\u8457\u7684Conti\u4e4b\u9593\u5b58\u5728\u806f\u7e6b\uff0c\u56e0\u70baAkira\u88ab\u767c\u73fe\u5c07\u8d16\u91d1\u6536\u76ca\u767c\u9001\u81f3 Conti\u9322\u5305\u5730\u5740\u3002\u50c5\u5728 2023 \u5e74\u7b2c\u56db\u5b63\u5ea6\uff0cAkira\u5c31\u5728\u5176\u6697\u7db2\u7db2\u7ad9\u4e0a\u5217\u51fa\u4e86 49 \u540d\u53d7\u5bb3\u8005\uff0c\u6392\u5728LockBit\uff08275 \u540d\uff09\u3001Play\uff08110 \u540d\uff09\u3001ALPHV\/BlackCat\uff08102 \u540d\uff09\u3001 NoEscape\uff0876 \u540d\uff09\u30018Base\uff0875 \u540d\uff09\u4e4b\u5f8c\u3002\uff09\u548cBlackBasta\uff0872\uff09\u3002CISA\u8981\u6c42\u806f\u90a6\u6c11\u4e8b\u884c\u653f\u90e8\u9580 (FCEB) \u6a5f\u69cb\u5fc5\u9808\u5728 2024 \u5e74 3 \u6708 7 \u65e5\u4e4b\u524d\u4fee\u5fa9\u5df2\u767c\u73fe\u7684Cisco ASA\/FTD \u4e2d\u5b58\u5728\u7684\u6f0f\u6d1eCVE-2020-3259\uff0c\u4ee5\u78ba\u4fdd\u5176\u7db2\u8def\u514d\u53d7\u6f5b\u5728\u5a01\u8105\u3002<\/p>\n\n\n\n

CVE-2020-3259 \u9060\u975e\u552f\u4e00\u88ab\u5229\u7528\u4f86\u50b3\u64ad\u52d2\u7d22\u8edf\u9ad4\u7684\u6f0f\u6d1e\uff0c\u672c\u6708\u65e9\u4e9b\u6642\u5019\uff0cArctic Wolf Labs\u62ab\u9732<\/a>\u4e86\u6feb\u7528CVE-2023-22527\uff08Atlassian Confluence \u8cc7\u6599\u4e2d\u5fc3\u548c Confluence \u4f3a\u670d\u5668\u6700\u8fd1\u767c\u73fe\u7684\u6f0f\u6d1e\uff09\u4f86\u90e8\u7f72 C3RB3R \u52d2\u7d22\u8edf\u9ad4\u4ee5\u53ca\u52a0\u5bc6\u8ca8\u5e63\u6316\u7926\u7a0b\u5f0f\u548c\u9060\u7aef\u5b58\u53d6\u6728\u99ac\u7684\u60c5\u6cc1\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

\u7f8e\u570b\u7db2\u969b\u5b89\u5168\u66a8\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40 (CISA) \u9031\u56db(2\/15)\u5728\u5df2\u77e5\u906d\u6feb\u7528\u4e4b\u6f0f\u6d1e\u6e05\u55ae ( KEV )\u4e2d\u65b0\u589e\u4e86\u4e00\u500b READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[174],"class_list":["post-3005","post","type-post","status-publish","format-standard","hentry","category-6","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3005","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3005"}],"version-history":[{"count":1,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3005\/revisions"}],"predecessor-version":[{"id":3009,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3005\/revisions\/3009"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3005"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3005"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3005"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}