{"id":4011,"date":"2025-11-14T13:27:18","date_gmt":"2025-11-14T05:27:18","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=4011"},"modified":"2025-11-14T14:01:28","modified_gmt":"2025-11-14T06:01:28","slug":"cisa-%e8%ad%a6%e7%a4%ba%e4%b8%89%e5%a4%a7%e8%b3%87%e5%ae%89%e6%bc%8f%e6%b4%9e%ef%bc%9awatchguard-firebox%e3%80%81microsoft-windows-%e5%8f%8a-gladinet-triofox-%e9%9d%a2%e8%87%a8%e7%a9%8d%e6%a5%b5","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=4011","title":{"rendered":"CISA \u8b66\u793a\u4e09\u5927\u8cc7\u5b89\u6f0f\u6d1e\uff1aWatchGuard Firebox\u3001Microsoft Windows \u53ca Gladinet Triofox \u9762\u81e8\u7a4d\u6975\u653b\u64ca"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"693\" height=\"408\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/11\/image-15.png\" alt=\"\" class=\"wp-image-4014\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/11\/image-15.png 693w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/11\/image-15-300x177.png 300w\" sizes=\"auto, (max-width: 693px) 100vw, 693px\" \/><\/figure>\n\n\n\n<p>2025 \u5e74 11 \u6708\uff0c\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40\uff08<a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/11\/12\/cisa-adds-three-known-exploited-vulnerabilities-catalog\">CISA<\/a>\uff09\u5c07\u4e09\u500b\u91cd\u5927\u8cc7\u5b89\u6f0f\u6d1e\u7d0d\u5165\u300c\u5df2\u77e5\u88ab\u5229\u7528\u6f0f\u6d1e\u300d\uff08Known Exploited Vulnerabilities, KEV\uff09\u76ee\u9304\uff0c\u63d0\u9192\u806f\u90a6\u6a5f\u69cb\u8207\u4f01\u696d\u7acb\u5373\u63a1\u53d6\u884c\u52d5\uff0c\u9632\u6b62\u653b\u64ca\u8005\u5229\u7528\u9019\u4e9b\u6f0f\u6d1e\u5165\u4fb5\u7db2\u8def\u3002\u6b64\u6b21\u7d0d\u5165\u7684\u6f0f\u6d1e\u5305\u62ec\uff1a<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-9242\">CVE-2025-9242 <\/a>\u2013 WatchGuard Firebox Fireware OS Out-of-Bounds Write<\/strong><\/li>\n\n\n\n<li><strong><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-12480\">CVE-2025-12480<\/a> \u2013 Gladinet Triofox <\/strong><strong>\u4e0d\u7576\u5b58\u53d6\u63a7\u5236<\/strong><\/li>\n\n\n\n<li><strong><a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-62215\">CVE-2025-62215<\/a> \u2013 Microsoft Windows <\/strong><strong>\u6838\u5fc3\u7af6\u614b\u689d\u4ef6\uff08Race Condition<\/strong><strong>\uff09<\/strong><\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>WatchGuard Firebox<\/strong><strong>\uff1aVPN IKEv2 <\/strong><strong>\u51fa\u754c\u5beb\u5165\u6f0f\u6d1e<\/strong><\/p>\n\n\n\n<p>CVE-2025-9242 \u70ba <strong>\u9ad8\u5371\uff08CVSS 9.3<\/strong><strong>\uff09out-of-bounds write <\/strong><strong>\u6f0f\u6d1e<\/strong>\uff0c\u5f71\u97ff\u7248\u672c\u5305\u62ec\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Fireware OS 11.10.2 ~ 11.12.4_Update1<\/li>\n\n\n\n<li>Fireware OS 12.0 ~ 12.11.3<\/li>\n\n\n\n<li>Fireware OS 2025.1<\/li>\n<\/ul>\n\n\n\n<p>\u6b64\u6f0f\u6d1e\u4f4d\u65bc IKEv2 VPN \u529f\u80fd\u4e2d\u7684 <strong>iked \u9032\u7a0b<\/strong>\uff0c\u653b\u64ca\u8005\u53ef\u5728 <strong>\u672a\u7d93\u9a57\u8b49<\/strong> \u7684\u60c5\u6cc1\u4e0b\u9060\u7aef\u89f8\u767c\uff0c\u9032\u800c\u5728\u9632\u706b\u7246\u908a\u754c\u8a2d\u5099\u4e0a\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\u3002\u554f\u984c\u6838\u5fc3\u6e90\u81ea IKE\uff08Internet Key Exchange\uff09\u63e1\u624b\u6d41\u7a0b\u4e2d\uff0c<strong>\u8b58\u5225\u7de9\u885d\u5340\u7f3a\u4e4f\u5fc5\u8981\u7684\u9577\u5ea6\u6aa2\u67e5<\/strong>\uff0c\u4f7f\u8cc7\u6599\u5728\u5c1a\u672a\u901a\u904e\u9a57\u8b49\u524d\u5c31\u88ab\u9001\u9032\u6613\u53d7\u653b\u64ca\u7684\u7a0b\u5f0f\u78bc\u8def\u5f91\u3002\u5373\u4f7f\u88dd\u7f6e\u5f8c\u7e8c\u6703\u9032\u884c\u6191\u8b49\u9a57\u8b49\uff0c\u4e5f\u7121\u6cd5\u963b\u64cb\u6f0f\u6d1e\u5728\u524d\u7f6e\u968e\u6bb5\u88ab\u5229\u7528\u3002<\/p>\n\n\n\n<p>\u66f4\u503c\u5f97\u6ce8\u610f\u7684\u662f\uff0c\u5373\u4fbf\u7ba1\u7406\u8005\u5df2\u522a\u9664\u76f8\u95dc VPN \u8a2d\u5b9a\uff0c\u53ea\u8981 <strong>\u4ecd\u5b58\u5728\u8207\u975c\u614b\u7db2\u95dc\u7684 VPN <\/strong><strong>\u914d\u7f6e<\/strong>\uff0c\u6f0f\u6d1e\u4f9d\u820a\u7dad\u6301\u53ef\u88ab\u653b\u64ca\u72c0\u614b\u3002\u63db\u8a00\u4e4b\uff0c\u653b\u64ca\u8005\u53ef\u5229\u7528\u6b64\u7f3a\u9677\u5728\u672a\u6388\u6b0a\u7684\u60c5\u6cc1\u4e0b\u76f4\u63a5\u65bc\u8a2d\u5099\u4e0a\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\uff0c\u5c0e\u81f4\u9632\u706b\u7246\u906d\u5230\u5b8c\u6574\u63a5\u7ba1\uff0c\u5f62\u6210\u6975\u9ad8\u7684\u908a\u754c\u5165\u4fb5\u98a8\u96aa\u3002\u7814\u7a76\u8005\u6307\u51fa\uff0c\u6f0f\u6d1e\u5728\u8a8d\u8b49\u524d\u5373\u53ef\u88ab\u89f8\u767c\uff0c\u4f3a\u670d\u5668\u7684\u8b49\u66f8\u9a57\u8b49\u5728\u6f0f\u6d1e\u7a0b\u5f0f\u78bc\u57f7\u884c\u4e4b\u5f8c\u624d\u958b\u59cb\uff0c\u56e0\u6b64\u653b\u64ca\u8005\u53ef\u5728\u7121\u9700\u767b\u5165\u7684\u60c5\u6cc1\u4e0b\u5165\u4fb5\u9632\u706b\u7246\u3002\u9019\u985e\u6f0f\u6d1e\u5c0d <strong>\u52d2\u7d22\u8edf\u9ad4\u5718\u968a\u8207\u7db2\u8def\u653b\u64ca\u8005<\/strong> \u5177\u6709\u9ad8\u5ea6\u5438\u5f15\u529b\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u53ef\u9060\u7aef\u57f7\u884c\u7a0b\u5f0f\u78bc<\/li>\n\n\n\n<li>\u900f\u904e\u516c\u958b VPN \u670d\u52d9\u66b4\u9732<\/li>\n\n\n\n<li>\u8a8d\u8b49\u524d\u5373\u53ef\u88ab\u5229\u7528<\/li>\n<\/ul>\n\n\n\n<p>\u6839\u64da Shadowserver Foundation \u7d71\u8a08\uff0c\u622a\u81f3 2025 \u5e74 11 \u6708 12 \u65e5\uff0c\u5168\u7403\u4ecd\u6709\u8d85\u904e <strong>54,300 <\/strong><strong>\u53f0 Firebox <\/strong><strong>\u88dd\u7f6e<\/strong>\u672a\u4fee\u88dc\uff0c\u5176\u4e2d\u7d04 <strong>18,500 <\/strong><strong>\u53f0\u4f4d\u65bc\u7f8e\u570b<\/strong>\u3002CISA \u5df2\u8981\u6c42\u806f\u90a6\u6c11\u7528\u884c\u653f\u90e8\u9580\uff08FCEB\uff09\u65bc <strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-9242\">12 \u6708 3 \u65e5\u524d\u5b8c\u6210\u4fee\u88dc<\/a><\/strong>\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Gladinet Triofox<\/strong><strong>\uff1a\u4e0d\u7576\u5b58\u53d6\u63a7\u5236\u6f0f\u6d1e<\/strong><\/p>\n\n\n\n<p>CVE-2025-12480 \u662f <strong>Gladinet Triofox <\/strong><strong>\u5e73\u53f0\u4e0d\u7576\u5b58\u53d6\u63a7\u5236\u6f0f\u6d1e<\/strong>\uff0c\u653b\u64ca\u8005\u53ef\u7e5e\u904e\u9a57\u8b49\uff0c\u4e0a\u50b3\u4e26\u57f7\u884c\u9060\u7aef\u5b58\u53d6\u5de5\u5177\u3002Google Mandiant \u5c07\u5176\u5229\u7528\u4e8b\u4ef6\u6b78\u56e0\u65bc\u5a01\u8105\u96c6\u7fa4 <strong>UNC6485<\/strong>\u3002<\/p>\n\n\n\n<p>\u9019\u662f Triofox \u5728 2025 \u5e74\u88ab\u5229\u7528\u7684\u7b2c\u4e09\u500b\u6f0f\u6d1e\uff08\u524d\u5169\u500b\u70ba CVE-2025-30406 \u8207 CVE-2025-11371\uff09\u3002\u653b\u64ca\u8005\u53ef\u900f\u904e\u672a\u7d93\u6388\u6b0a\u7684\u8a2d\u5b9a\u9801\u9762\u5efa\u7acb\u300cCluster Admin\u300d\u5e33\u865f\uff0c\u9032\u4e00\u6b65\u6ef2\u900f\u8207\u63a7\u5236\u53d7\u5f71\u97ff\u7cfb\u7d71\u3002CISA \u5efa\u8b70\u7acb\u5373\u5957\u7528\u5ee0\u5546\u4fee\u88dc\u7a0b\u5f0f\uff0c\u4e26\u5be9\u67e5\u7cfb\u7d71\u914d\u7f6e\u8207\u5b58\u53d6\u6b0a\u9650\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Microsoft Windows <\/strong><strong>\u6838\u5fc3\u7af6\u614b\u689d\u4ef6<\/strong><\/p>\n\n\n\n<p>CVE-2025-62215 \u662f Windows \u6838\u5fc3\u7684 <strong>race condition <\/strong><strong>\u6f0f\u6d1e\uff08CVSS 7.0<\/strong><strong>\uff09<\/strong>\u3002\u6210\u529f\u5229\u7528\u6b64\u6f0f\u6d1e\uff0c\u653b\u64ca\u8005\u53ef\u63d0\u5347\u672c\u5730\u6b0a\u9650\uff0c\u53d6\u5f97 SYSTEM \u6b0a\u9650\u3002\u6f0f\u6d1e\u5229\u7528\u9700\u300c\u8d0f\u5f97\u8cc7\u6e90\u7af6\u722d\u689d\u4ef6\u300d\uff0c\u4f46\u4e00\u65e6\u6210\u529f\uff0c\u5c07\u9020\u6210\u6975\u9ad8\u98a8\u96aa\u3002CISA \u540c\u6a23\u8981\u6c42\u806f\u90a6\u6a5f\u69cb\u4f9d <strong>BOD 22-01 <\/strong><strong>\u6307\u4ee4<\/strong>\u4fee\u88dc\u6f0f\u6d1e\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u5c08\u5bb6\u89c0\u9ede\uff1a\u70ba\u4f55\u9019\u4e09\u500b\u6f0f\u6d1e\u503c\u5f97\u95dc\u6ce8<\/strong><\/p>\n\n\n\n<p>\u5f9e\u8cc7\u5b89\u5c08\u5bb6\u89d2\u5ea6\u89c0\u5bdf\uff0c\u9019\u4e09\u500b\u6f0f\u6d1e\u5171\u540c\u7279\u5fb5\u986f\u793a\uff1a<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong>\u908a\u754c\u8a2d\u5099\u8207\u6838\u5fc3\u670d\u52d9\u6613\u6210\u653b\u64ca\u9996\u9078<\/strong>\uff1a\u9632\u706b\u7246\u8207 VPN \u662f\u4f01\u696d\u7db2\u8def\u7b2c\u4e00\u9053\u9632\u7dda\uff0c\u4e00\u65e6\u88ab\u653b\u7834\uff0c\u5167\u90e8\u7db2\u8def\u5c07\u66b4\u9732\u3002<\/li>\n\n\n\n<li><strong>\u672a\u7d93\u6388\u6b0a\u7684\u9060\u7aef\u7a0b\u5f0f\u78bc\u57f7\u884c\uff08RCE<\/strong><strong>\uff09\u98a8\u96aa\u9ad8<\/strong>\uff1a\u5c24\u5176 Firebox \u6f0f\u6d1e\uff0c\u8a8d\u8b49\u524d\u5373\u53ef\u88ab\u5229\u7528\u3002<\/li>\n\n\n\n<li><strong>\u4f9b\u61c9\u93c8\u8207\u670d\u52d9\u5e73\u53f0\u6f0f\u6d1e\u9700\u5373\u6642\u4fee\u88dc<\/strong>\uff1aTriofox \u6f0f\u6d1e\u986f\u793a\uff0c\u5373\u4fbf\u7cfb\u7d71\u5df2\u90e8\u7f72\u9632\u8b77\uff0c\u653b\u64ca\u8005\u4ecd\u80fd\u5229\u7528\u7ba1\u7406\u5e33\u865f\u7f3a\u9677\u64f4\u6563\u3002<\/li>\n\n\n\n<li><strong>\u591a\u5c64\u6b21\u9632\u8b77\u4e0d\u53ef\u6216\u7f3a<\/strong>\uff1a\u55ae\u9760\u9632\u706b\u7246\u7121\u6cd5\u5b8c\u5168\u963b\u6b62\u5165\u4fb5\uff0c\u9700\u7d50\u5408 IDS\/IPS\u3001\u65e5\u8a8c\u76e3\u63a7\u3001\u6ef2\u900f\u6e2c\u8a66\u8207\u8cc7\u5b89\u7a3d\u6838\u3002<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u5be6\u52d9\u5efa\u8b70<\/strong><\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong>\u7acb\u5373\u4fee\u88dc<\/strong>\uff1a\u5957\u7528 WatchGuard\u3001Triofox \u8207 Windows \u5b98\u65b9\u4fee\u88dc\u7a0b\u5f0f\u3002<\/li>\n\n\n\n<li><strong>\u6aa2\u67e5 VPN <\/strong><strong>\u8207\u7db2\u95dc\u914d\u7f6e<\/strong>\uff1a\u78ba\u8a8d\u672a\u6388\u6b0a VPN \u8a2d\u5b9a\u5df2\u79fb\u9664\u6216\u4fee\u6b63\u3002<\/li>\n\n\n\n<li><strong>\u52a0\u5f37\u76e3\u63a7\u8207\u4e8b\u4ef6\u56de\u61c9<\/strong>\uff1a\u76e3\u6e2c\u7570\u5e38\u7db2\u8def\u6d41\u91cf\u8207\u5e33\u865f\u6d3b\u52d5\uff0c\u5c24\u5176\u91dd\u5c0d\u9060\u7aef\u5b58\u53d6\u670d\u52d9\u3002<\/li>\n\n\n\n<li><strong>\u6559\u80b2\u4f7f\u7528\u8005\u8207 IT <\/strong><strong>\u4eba\u54e1<\/strong>\uff1a\u63d0\u9ad8\u5c0d\u6f0f\u6d1e\u653b\u64ca\u624b\u6cd5\u7684\u7406\u89e3\uff0c\u907f\u514d\u793e\u4ea4\u5de5\u7a0b\u6216\u60e1\u610f\u914d\u7f6e\u88ab\u5229\u7528\u3002<\/li>\n\n\n\n<li><strong>\u4f9b\u61c9\u93c8\u5b89\u5168\u7ba1\u7406<\/strong>\uff1a\u78ba\u4fdd\u5408\u4f5c\u5925\u4f34\u53ca\u6b21\u7d1a\u4f9b\u61c9\u5546\u540c\u6a23\u4fee\u88dc\u6f0f\u6d1e\uff0c\u9632\u6b62\u93c8\u5f0f\u653b\u64ca\u3002<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u7d50\u8a9e<\/strong><\/p>\n\n\n\n<p>CISA \u5c07 WatchGuard Firebox\u3001Gladinet Triofox \u53ca Microsoft Windows \u4e09\u5927\u6f0f\u6d1e\u5217\u5165 KEV\uff0c\u51f8\u986f\u4e86 <strong>\u908a\u754c\u9632\u8b77\u3001\u96f2\u7aef\u670d\u52d9\u8207\u4f5c\u696d\u7cfb\u7d71\u5b89\u5168\u7684\u9ad8\u5ea6\u76f8\u95dc\u6027<\/strong>\u3002\u5c0d\u4f01\u696d\u8207\u653f\u5e9c\u55ae\u4f4d\u800c\u8a00\uff0c\u6f0f\u6d1e\u4fee\u88dc\u4e0d\u50c5\u662f\u6cd5\u898f\u9075\u5faa\uff0c\u66f4\u662f\u4fdd\u8b77\u95dc\u9375\u8cc7\u7522\u8207\u7dad\u6301\u71df\u904b\u97cc\u6027\u7684\u6838\u5fc3\u5de5\u4f5c\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>2025 \u5e74 11 \u6708\uff0c\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40\uff08CISA\uff09\u5c07\u4e09\u500b\u91cd\u5927\u8cc7\u5b89\u6f0f\u6d1e\u7d0d\u5165\u300c\u5df2\u77e5\u88ab\u5229\u7528\u6f0f\u6d1e\u300d\uff08Kn <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=4011\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[191,174],"class_list":["post-4011","post","type-post","status-publish","format-standard","hentry","category-6","tag-cisa","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4011","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4011"}],"version-history":[{"count":1,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4011\/revisions"}],"predecessor-version":[{"id":4015,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4011\/revisions\/4015"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4011"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4011"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4011"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}