{"id":3967,"date":"2025-10-22T15:48:55","date_gmt":"2025-10-22T07:48:55","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=3967"},"modified":"2025-10-22T15:50:04","modified_gmt":"2025-10-22T07:50:04","slug":"cisa-%e6%96%b0%e5%a2%9e%e4%ba%94%e9%a0%85%e8%a2%ab%e5%88%a9%e7%94%a8%e6%bc%8f%e6%b4%9e%ef%bc%8coracle-ebs-%e8%88%87-windows-smb-%e5%88%97%e5%85%a5%e9%ab%98%e9%a2%a8%e9%9a%aa%e6%b8%85%e5%96%ae","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=3967","title":{"rendered":"\u00a0CISA \u65b0\u589e\u4e94\u9805\u88ab\u5229\u7528\u6f0f\u6d1e\uff0cOracle EBS \u8207 Windows SMB \u5217\u5165\u9ad8\u98a8\u96aa\u6e05\u55ae"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"865\" height=\"706\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/10\/image-9.png\" alt=\"\" class=\"wp-image-3968\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/10\/image-9.png 865w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/10\/image-9-300x245.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/10\/image-9-768x627.png 768w\" sizes=\"auto, (max-width: 865px) 100vw, 865px\" \/><\/figure>\n\n\n\n<p>\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u5efa\u8a2d\u5b89\u5168\u5c40\uff08CISA\uff09\u65bc\u672c\u9031\u4e00\u6b63\u5f0f\u5c07 <strong>\u4e94\u9805\u5b89\u5168\u6f0f\u6d1e<\/strong> \u7d0d\u5165\u5176\u300c\u5df2\u77e5\u88ab\u5229\u7528\u6f0f\u6d1e\uff08Known Exploited Vulnerabilities, KEV\uff09\u300d\u76ee\u9304\u4e2d\uff0c\u7576\u4e2d\u5305\u542b\u8fd1\u671f\u88ab\u63ed\u9732\u3001\u5f71\u97ff <strong>Oracle E-Business Suite (EBS)<\/strong> \u7684\u56b4\u91cd\u6f0f\u6d1e\uff0c\u4e26\u78ba\u8a8d\u8a72\u6f0f\u6d1e\u5df2\u5728\u771f\u5be6\u653b\u64ca\u4e8b\u4ef6\u4e2d\u906d\u5230\u6b66\u5668\u5316\u5229\u7528\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>CVE-2025-61884<\/strong><strong>\uff1aOracle EBS <\/strong><strong>\u95dc\u9375 SSRF <\/strong><strong>\u5f31\u9ede\u5df2\u88ab\u6b66\u5668\u5316\u5229\u7528<\/strong><\/p>\n\n\n\n<p>\u6b64\u9805\u6f0f\u6d1e\u7de8\u865f\u70ba <strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-61884\">CVE-2025-61884<\/a><\/strong>\uff08CVSS \u8a55\u5206\uff1a7.5\uff09\uff0c\u5c6c\u65bc <strong>Oracle Configurator Runtime <\/strong><strong>\u7d44\u4ef6\u4e2d\u7684\u4f3a\u670d\u5668\u7aef\u8acb\u6c42\u507d\u9020\uff08SSRF<\/strong><strong>\uff09\u6f0f\u6d1e<\/strong>\u3002\u6210\u529f\u5229\u7528\u5f8c\uff0c\u653b\u64ca\u8005\u53ef\u5728\u672a\u7d93\u6388\u6b0a\u7684\u60c5\u6cc1\u4e0b\uff0c\u9060\u7aef\u5b58\u53d6\u4e26\u7aca\u53d6\u95dc\u9375\u8cc7\u8a0a\u3002<br>CISA \u6307\u51fa\uff1a\u300c\u6b64\u6f0f\u6d1e\u53ef\u88ab\u9060\u7aef\u672a\u7d93\u9a57\u8b49\u8005\u76f4\u63a5\u5229\u7528\uff0c\u98a8\u96aa\u7b49\u7d1a\u9ad8\u3002\u300d<\/p>\n\n\n\n<p>\u8a72\u6f0f\u6d1e\u662f <strong>Oracle EBS<\/strong> \u8fd1\u671f\u7b2c\u4e8c\u500b\u78ba\u8a8d\u88ab\u653b\u64ca\u8005\u5229\u7528\u7684\u6f0f\u6d1e\u3002\u5148\u524d\u7684 <strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-61882\">CVE-2025-61882<\/a><\/strong>\uff08CVSS 9.8\uff09\u66f4\u56b4\u91cd\uff0c\u5141\u8a31\u672a\u7d93\u9a57\u8b49\u7684\u653b\u64ca\u8005\u5728\u6613\u53d7\u5f71\u97ff\u7684\u7cfb\u7d71\u4e0a\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\u3002<\/p>\n\n\n\n<p>\u6839\u64da\u8cc7\u5b89\u5a92\u9ad4\u300aThe Hacker News\u300b\u7684<a href=\"https:\/\/thehackernews.com\/2025\/10\/five-new-exploited-bugs-land-in-cisas.html\">\u5831\u9053<\/a>\uff0c<strong>Google Threat Intelligence Group (GTIG)<\/strong> \u8207 <strong>Mandiant<\/strong> \u7684\u8abf\u67e5\uff0c\u5df2\u6709\u6578\u5341\u5bb6\u4f01\u696d\u7591\u4f3c\u53d7\u5bb3\u65bc CVE-2025-61882 \u7684\u60e1\u610f\u5229\u7528\u884c\u52d5\u3002GTIG \u8cc7\u6df1\u5b89\u5168\u5de5\u7a0b\u5e2b <strong>Zander Work<\/strong> \u5411\u300aThe Hacker News\u300b\u8868\u793a\uff1a\u300c\u76ee\u524d\u5c1a\u7121\u6cd5\u5c07\u7279\u5b9a\u653b\u64ca\u884c\u70ba\u6b78\u5c6c\u81f3\u67d0\u500b\u7279\u5b9a\u5a01\u8105\u884c\u70ba\u8005\uff0c\u4f46\u89c0\u5bdf\u5230\u7684\u90e8\u5206\u653b\u64ca\u8de1\u8c61\u986f\u793a\uff0c\u9019\u4e9b\u884c\u52d5\u53ef\u80fd\u8207 <strong>Cl0p <\/strong><strong>\u52d2\u7d22\u7d44\u7e54<\/strong> \u6709\u95dc\u3002\u300d<\/p>\n\n\n\n<p>Oracle \u5df2\u65bc\u8fd1\u65e5\u7dca\u6025\u767c\u5e03 <strong>\u5b89\u5168\u516c\u544a (Security Alert CVE-2025-61884)<\/strong>\uff0c\u91dd\u5c0d <strong>E-Business Suite 12.2.3\u201312.2.14 <\/strong><strong>\u7248\u672c<\/strong> \u63a8\u51fa\u4fee\u88dc\u7a0b\u5f0f\u3002<br>Oracle \u9996\u5e2d\u5b89\u5168\u9577 <strong>Rob Duhart<\/strong> \u8868\u793a\uff1a\u300c\u6b64\u6f0f\u6d1e\u82e5\u906d\u6210\u529f\u5229\u7528\uff0c\u53ef\u80fd\u4f7f\u653b\u64ca\u8005\u5b58\u53d6\u654f\u611f\u8cc7\u6e90\u3002\u5efa\u8b70\u6240\u6709\u4f7f\u7528\u8005\u61c9\u7acb\u5373\u90e8\u7f72\u66f4\u65b0\uff0c\u4ee5\u964d\u4f4e\u8cc7\u6599\u5916\u6d29\u98a8\u96aa\u3002\u300d<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u5176\u4ed6\u65b0\u589e\u81f3 KEV <\/strong><strong>\u7684\u56db\u9805\u6f0f\u6d1e<\/strong><\/p>\n\n\n\n<p>\u9664 Oracle \u5916\uff0cCISA \u6b64\u6b21\u540c\u6642\u5c07 <strong>Microsoft<\/strong><strong>\u3001Kentico<\/strong><strong>\u3001\u8207 Apple<\/strong> \u7b49\u7522\u54c1\u7684\u56db\u9805\u6f0f\u6d1e\u5217\u5165 KEV \u76ee\u9304\uff1a<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-33073\">CVE-2025-33073<\/a><\/strong><strong>\uff08CVSS 8.8<\/strong><strong>\uff09<\/strong>\n<ul class=\"wp-block-list\">\n<li>\u5f71\u97ff\u7522\u54c1\uff1aMicrosoft Windows SMB Client<\/li>\n\n\n\n<li>\u985e\u578b\uff1a\u6b0a\u9650\u63d0\u5347\uff08Improper Access Control\uff09<\/li>\n\n\n\n<li>\u72c0\u6cc1\uff1a\u82e5 SMB \u7c3d\u7ae0\u672a\u5f37\u5236\u555f\u7528\uff0c\u653b\u64ca\u8005\u53ef\u900f\u904e\u300c<strong>Reflective Kerberos Relay Attack<\/strong><strong>\uff08\u53c8\u7a31 LoopyTicket<\/strong><strong>\uff09<\/strong>\u300d\u53d6\u5f97\u7db2\u57df\u63a7\u5236\u6b0a\u9650\u3002<\/li>\n\n\n\n<li>\u4fee\u88dc\u72c0\u614b\uff1aMicrosoft \u5df2\u65bc 2025 \u5e74 6 \u6708\u4fee\u88dc\u3002<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-2746\">CVE-2025-2746<\/a><\/strong><strong>\uff08CVSS 9.8<\/strong><strong>\uff09<\/strong>\n<ul class=\"wp-block-list\">\n<li>\u5f71\u97ff\u7522\u54c1\uff1aKentico Xperience CMS<\/li>\n\n\n\n<li>\u985e\u578b\uff1a\u8a8d\u8b49\u7e5e\u904e\uff08Authentication Bypass\uff09<\/li>\n\n\n\n<li>\u653b\u64ca\u65b9\u5f0f\uff1a\u5229\u7528 <strong>Staging Sync Server<\/strong> \u8655\u7406\u7a7a\u767d SHA1 \u4f7f\u7528\u8005\u540d\u7a31\u7684\u7f3a\u9677\uff0c\u53ef\u53d6\u5f97\u7ba1\u7406\u7aef\u63a7\u5236\u6b0a\u9650\u3002<\/li>\n\n\n\n<li>\u4fee\u88dc\u72c0\u614b\uff1a2025 \u5e74 3 \u6708\u4fee\u88dc\u3002<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-2747\">CVE-2025-2747<\/a><\/strong><strong>\uff08CVSS 9.8<\/strong><strong>\uff09<\/strong>\n<ul class=\"wp-block-list\">\n<li>\u985e\u578b\uff1a\u8a8d\u8b49\u7e5e\u904e\uff08Authentication Bypass\uff09<\/li>\n\n\n\n<li>\u653b\u64ca\u65b9\u5f0f\uff1a\u5229\u7528 <strong>Staging Sync Server<\/strong> \u8655\u7406\u300cNone\u300d\u578b\u5225\u5bc6\u78bc\u8a2d\u5b9a\u7684\u6f0f\u6d1e\uff0c\u53ef\u5b8c\u5168\u63a7\u5236\u7cfb\u7d71\u7ba1\u7406\u7269\u4ef6\u3002<\/li>\n\n\n\n<li>\u4fee\u88dc\u72c0\u614b\uff1a2025 \u5e74 3 \u6708\u4fee\u88dc\u3002<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2022-48503\">CVE-2022-48503<\/a><\/strong><strong>\uff08CVSS 8.8<\/strong><strong>\uff09<\/strong>\n<ul class=\"wp-block-list\">\n<li>\u5f71\u97ff\u7522\u54c1\uff1aApple JavaScriptCore<\/li>\n\n\n\n<li>\u985e\u578b\uff1a\u9663\u5217\u7d22\u5f15\u9a57\u8b49\u932f\u8aa4\uff08Improper Validation of Array Index\uff09<\/li>\n\n\n\n<li>\u5f8c\u679c\uff1a\u5728\u8655\u7406\u60e1\u610f\u7db2\u9801\u5167\u5bb9\u6642\uff0c\u53ef\u5c0e\u81f4\u4efb\u610f\u7a0b\u5f0f\u78bc\u57f7\u884c\u3002<\/li>\n\n\n\n<li>\u4fee\u88dc\u72c0\u614b\uff1aApple \u5df2\u65bc 2022 \u5e74 7 \u6708\u4fee\u88dc\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p>\u4e0a\u8ff0\u4e09\u9805\uff08CVE-2025-33073\u3001CVE-2025-2746\u3001CVE-2025-2747\uff09\u5206\u5225\u7531 <strong><a href=\"https:\/\/www.synacktiv.com\/en\">Synacktiv <\/a><\/strong>\u8207 <strong><a href=\"https:\/\/labs.watchtowr.com\/\">watchTowr Labs<\/a><\/strong> \u7684\u7814\u7a76\u4eba\u54e1\u63ed\u9732\uff0c\u4e26\u7531 <strong>GuidePoint Security<\/strong><strong>\u3001CrowdStrike<\/strong><strong>\u3001SySS GmbH<\/strong><strong>\u3001RedTeam Pentesting<\/strong><strong>\u3001Google Project Zero<\/strong> \u7b49\u591a\u65b9\u5171\u540c\u9a57\u8b49\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u4fee\u88dc\u6642\u9650\u8207\u5b89\u5168\u5efa\u8b70<\/strong><\/p>\n\n\n\n<p>\u6839\u64da <strong>CISA<\/strong><strong>\u300a<a href=\"https:\/\/www.cisa.gov\/news-events\/directives\/bod-22-01-reducing-significant-risk-known-exploited-vulnerabilities\">\u4f5c\u696d\u6307\u4ee4 BOD 22-01\uff1a\u964d\u4f4e\u5df2\u77e5\u88ab\u5229\u7528\u6f0f\u6d1e\u7684\u91cd\u5927\u98a8\u96aa\u300b<\/a><\/strong>\uff0c<br><strong>\u806f\u90a6\u6c11\u653f\u884c\u653f\u6a5f\u69cb (FCEB)<\/strong> \u5fc5\u9808\u65bc <strong>2025 <\/strong><strong>\u5e74 11 <\/strong><strong>\u6708 10 <\/strong><strong>\u65e5\u524d<\/strong> \u5b8c\u6210\u4fee\u88dc\uff0c\u4ee5\u9632\u7bc4\u9019\u4e9b\u6f0f\u6d1e\u906d\u6301\u7e8c\u6027\u5a01\u8105\u884c\u70ba\u8005\u5229\u7528\u3002<\/p>\n\n\n\n<p>CISA \u540c\u6642\u5efa\u8b70 <strong>\u6c11\u9593\u4f01\u696d\u8207\u91d1\u878d\u6a5f\u69cb<\/strong> \u61c9\u53c3\u7167 KEV \u76ee\u9304\uff0c\u7acb\u5373\u5be9\u8996\u81ea\u8eab\u74b0\u5883\u4e2d\u7684\u53d7\u5f71\u97ff\u7cfb\u7d71\uff0c\u4e26\u5118\u901f\u90e8\u7f72\u4fee\u88dc\u7a0b\u5f0f\uff0c\u4ee5\u9632\u7bc4\u5f8c\u7e8c\u91dd\u5c0d Oracle\u3001Windows\u3001Kentico \u6216 Apple \u7522\u54c1\u7684\u91dd\u5c0d\u6027\u653b\u64ca\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u5c08\u5bb6\u89c0\u9ede<\/strong><\/p>\n\n\n\n<p>\u6b64\u6b21 KEV \u66f4\u65b0\u986f\u793a\u51fa\u5169\u9805\u8da8\u52e2\uff1a<strong>\u4f01\u696d\u7d1a\u61c9\u7528\u5e73\u53f0\uff08\u5982<\/strong><strong> Oracle EBS<\/strong><strong>\uff09\u6b63\u9010\u6f38\u6210\u70ba\u653b\u64ca\u7126\u9ede\u3002<\/strong> \u653b\u64ca\u8005\u504f\u597d\u80fd\u63d0\u4f9b\u5927\u898f\u6a21\u6578\u64da\u63a5\u53d6\u6b0a\u9650\u7684\u696d\u52d9\u6838\u5fc3\u7cfb\u7d71\uff0c\u85c9\u6b64\u9032\u884c\u8cc7\u6599\u7aca\u53d6\u6216\u4f9b\u5f8c\u7e8c\u52d2\u7d22\u884c\u52d5\u4f7f\u7528\u3002 <strong>\u8de8\u4f9b\u61c9\u93c8\u6f0f\u6d1e\u5229\u7528\u8da8\u52e2\u5347\u6eab\u3002<\/strong> \u653b\u64ca\u8005\u5f80\u5f80\u900f\u904e CMS\u3001Windows SMB \u6216 Web \u7d44\u4ef6\u7b49\u8de8\u5e73\u53f0\u5f31\u9ede\u6ef2\u900f\uff0c\u518d\u6a6b\u5411\u79fb\u52d5\u81f3\u9ad8\u6b0a\u9650\u74b0\u5883\u3002<\/p>\n\n\n\n<p>\u5f9e\u8cc7\u5b89\u9632\u79a6\u89d2\u5ea6\u800c\u8a00\uff0c\u9664\u53ca\u6642\u4fee\u88dc\u5916\uff0c\u5efa\u8b70\u7d44\u7e54\u63a1\u53d6\u4ee5\u4e0b\u63aa\u65bd\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u90e8\u7f72 <strong>SSRF <\/strong><strong>\u9632\u8b77\u8207 WAF <\/strong><strong>\u898f\u5247\u66f4\u65b0<\/strong>\uff1b<\/li>\n\n\n\n<li>\u5f37\u5316 <strong>SMB <\/strong><strong>\u7c3d\u7ae0\u8207 Kerberos <\/strong><strong>\u9a57\u8b49\u653f\u7b56<\/strong>\uff1b<\/li>\n\n\n\n<li>\u5be9\u67e5 <strong>CMS <\/strong><strong>\u53ca\u7b2c\u4e09\u65b9\u5916\u639b<\/strong> \u6b0a\u9650\u8a2d\u5b9a\uff1b<\/li>\n\n\n\n<li>\u5efa\u7acb <strong>\u5a01\u8105\u60c5\u5831\uff08Threat Intelligence<\/strong><strong>\uff09\u76e3\u63a7\u6a5f\u5236<\/strong>\uff0c\u53ca\u8ffd\u8e64 KEV \u65b0\u589e\u9805\u76ee\u3002<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u5efa\u8a2d\u5b89\u5168\u5c40\uff08CISA\uff09\u65bc\u672c\u9031\u4e00\u6b63\u5f0f\u5c07 \u4e94\u9805\u5b89\u5168\u6f0f\u6d1e \u7d0d\u5165\u5176\u300c\u5df2\u77e5\u88ab\u5229\u7528\u6f0f\u6d1e\uff08Known Ex <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=3967\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[174],"class_list":["post-3967","post","type-post","status-publish","format-standard","hentry","category-6","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3967","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3967"}],"version-history":[{"count":1,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3967\/revisions"}],"predecessor-version":[{"id":3969,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/3967\/revisions\/3969"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3967"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3967"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3967"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}