{"id":4090,"date":"2025-12-31T11:00:35","date_gmt":"2025-12-31T03:00:35","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=4090"},"modified":"2025-12-31T14:14:00","modified_gmt":"2025-12-31T06:14:00","slug":"%e6%bc%8f%e6%b4%9e%e6%84%88%e4%be%86%e6%84%88%e5%a4%9a%ef%bc%8c%e9%a2%a8%e9%9a%aa%e5%8d%bb%e6%9b%b4%e9%9b%a3%e6%8e%a7%ef%bc%9a2025-%e5%b9%b4-cve-%e7%8f%be%e8%b1%a1%e8%83%8c%e5%be%8c%e7%9a%84%e5%90%88","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=4090","title":{"rendered":"\u6f0f\u6d1e\u6108\u4f86\u6108\u591a\uff0c\u98a8\u96aa\u537b\u66f4\u96e3\u63a7\uff1a2025 \u5e74 CVE \u73fe\u8c61\u80cc\u5f8c\u7684\u5408\u898f\u771f\u76f8"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"830\" height=\"679\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-8.png\" alt=\"\" class=\"wp-image-4091\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-8.png 830w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-8-300x245.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-8-768x628.png 768w\" sizes=\"auto, (max-width: 830px) 100vw, 830px\" \/><figcaption class=\"wp-element-caption\">Photo Credit:VulneCheck<\/figcaption><\/figure>\n\n\n\n<p>2025 \u5e74\uff0c\u5168\u7403 \u6f0f\u6d1e\u63ed\u9732(Common Vulnerabilities and Exposures, CVE\u6578\u91cf\u518d\u5ea6\u5237\u65b0\u6b77\u53f2\u7d00\u9304\uff0c\u6b63\u5f0f\u5ba3\u544a\u8cc7\u5b89\u7522\u696d\u9032\u5165\u300c\u6f0f\u6d1e\u7206\u91cf\u5e38\u614b\u5316\u300d\u7684\u65b0\u968e\u6bb5\u3002\u5f9e\u8cc7\u5b89\u6cbb\u7406\u8207\u6cd5\u9075\uff08GRC\uff09\u89d2\u5ea6\u89c0\u5bdf\uff0c2025 \u5e74\u4e26\u975e\u53ea\u662f CVE \u6578\u91cf\u518d\u5275\u65b0\u9ad8\u7684\u4e00\u5e74\uff0c\u800c\u662f\u4f01\u696d\u6f0f\u6d1e\u7ba1\u7406\u6a21\u5f0f\u6b63\u5f0f\u5931\u6548\u7684\u4e00\u5e74\u3002\u6839\u64da Cisco Threat Detection &amp; Response \u9996\u5e2d\u5de5\u7a0b\u5e2b Jerry Gamblin \u7684<a href=\"https:\/\/cve.icu\/\">\u7d71\u8a08<\/a>\uff0c\u622a\u81f3\u76ee\u524d\u70ba\u6b62\uff0c<strong>2025 \u5e74\u5df2\u901a\u5831 45,777 \u7b46 CVE<\/strong>\uff0c\u5e73\u5747\u6bcf\u65e5\u65b0\u589e <strong>130.4 \u500b\u6f0f\u6d1e<\/strong>\uff0c\u5e74\u6210\u9577\u7387\u9054 <strong>19%<\/strong>\u3002\u4f9d\u5176\u63a8\u4f30\uff0c2025 \u5e74\u5e95 CVE \u7e3d\u6578\u5c07\u9054<a href=\"https:\/\/cveforecast.org\/\"> <strong>46,407 <\/strong><\/a><strong>\u7b46<\/strong>\uff0c\u8f03 2024 \u5e74\u6210\u9577 <strong>16.2%<\/strong>\uff0c\u518d\u5ea6\u5237\u65b0\u6b77\u53f2\u7d00\u9304\u3002<\/p>\n\n\n\n<p>\u7136\u800c\uff0c<strong>\u5c0d\u8cc7\u5b89\u9577\u8207\u98a8\u96aa\u3001\u5408\u898f\u55ae\u4f4d\u4f86\u8aaa\uff0c\u771f\u6b63\u9700\u8981\u8b66\u89ba\u7684\u4e26\u975e\u300c\u6f0f\u6d1e\u6578\u91cf\u300d\u672c\u8eab\uff0c\u800c\u662f\u6f0f\u6d1e\u6cbb\u7406\u6a21\u578b\u662f\u5426\u4ecd\u5177\u53ef\u884c\u6027<\/strong>\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u9ad8\u5371\u6f0f\u6d1e\u6bd4\u4f8b\u4e0b\u964d\uff0c\u4e26\u4e0d\u4ee3\u8868\u6574\u9ad4\u98a8\u96aa\u964d\u4f4e<\/strong><\/p>\n\n\n\n<p><strong>\u2014\u2014 CVSS v4.0 <\/strong><strong>\u5c0d\u5408\u898f\u5224\u8b80\u7684\u7d50\u69cb\u6027\u5f71\u97ff<\/strong><\/p>\n\n\n\n<p>VulnCheck \u6f0f\u6d1e\u7814\u7a76\u54e1 Patrick Garrity <a href=\"https:\/\/cve.icu\/\" title=\"\">\u6307\u51fa<\/a>\uff0c\u5118\u7ba1 2025 \u5e74 CVE \u6578\u91cf\u66b4\u589e\uff0c\u4f46 <strong>Critical \u8207 High Severity \u6f0f\u6d1e\u7684\u901a\u5831\u6bd4\u4f8b\uff0c\u53cd\u800c\u8f03 2024 \u5e74\u4e0b\u964d<\/strong>\u3002<\/p>\n\n\n\n<p>\u82e5\u5f9e\u5408\u898f\u89d2\u5ea6\u89e3\u8b80\uff0c\u9019\u662f\u4e00\u500b <strong>\u6975\u6613\u88ab\u8aa4\u5224\u7684\u8a0a\u865f<\/strong>\u3002<\/p>\n\n\n\n<p>\u6b64\u73fe\u8c61\u9ad8\u5ea6\u53ef\u80fd\u8207 <strong>CVSS v4.0 <\/strong><strong>\u8a55\u5206\u6a21\u578b\u5c0e\u5165<\/strong>\u6709\u95dc\u3002\u65b0\u7248 CVSS \u5728\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u74b0\u5883\u5f71\u97ff\u6b0a\u91cd<\/li>\n\n\n\n<li>\u653b\u64ca\u524d\u7f6e\u689d\u4ef6<\/li>\n\n\n\n<li>\u5229\u7528\u6210\u719f\u5ea6\u5224\u5b9a<\/li>\n<\/ul>\n\n\n\n<p>\u7b49\u5c64\u9762\u9032\u884c\u8abf\u6574\uff0c\u4f7f\u90e8\u5206\u300c\u5be6\u969b\u53ef\u88ab\u5feb\u901f\u6b66\u5668\u5316\u300d\u7684\u6f0f\u6d1e\uff0c\u672a\u5fc5\u518d\u88ab\u6a19\u793a\u70ba Critical\u3002<\/p>\n\n\n\n<p><strong>\u5c0d\u5408\u898f\u8207\u5167\u63a7\u800c\u8a00\uff0c\u9019\u610f\u5473\u8457\uff1a<br><\/strong><strong>\u50c5\u4f9d\u8cf4 CVSS <\/strong><strong>\u5206\u6578\u4f5c\u70ba\u4fee\u88dc\u512a\u5148\u9806\u5e8f\uff0c\u5df2\u4e0d\u518d\u7b26\u5408\u5408\u7406\u98a8\u96aa\u7ba1\u7406\u539f\u5247\u3002<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u5f9e\u6cbb\u7406\u89d2\u5ea6\u91cd\u65b0\u5b9a\u7fa9\u6f0f\u6d1e\u98a8\u96aa<\/strong><\/p>\n\n\n\n<p><strong>\u300c\u88ab\u5229\u7528\u4e8b\u5be6\u300d\uff1e\u300c\u7406\u8ad6\u56b4\u91cd\u5ea6\u300d<\/strong><\/p>\n\n\n\n<p>2025 \u5e74\u7684\u591a\u8d77\u91cd\u5927\u4e8b\u4ef6\u5df2\u6e05\u695a\u8b49\u660e\uff1a<\/p>\n\n\n\n<p><strong>\u6f0f\u6d1e\u662f\u5426\u88ab\u5217\u70ba Critical<\/strong><strong>\uff0c\u5df2\u4e0d\u7b49\u65bc\u662f\u5426\u69cb\u6210\u91cd\u5927\u71df\u904b\u3001\u6cd5\u9075\u8207\u4f9b\u61c9\u93c8\u98a8\u96aa\u3002<\/strong><\/p>\n\n\n\n<p>\u591a\u500b\u5f71\u97ff\u5168\u7403\u7684\u95dc\u9375\u4e8b\u4ef6\uff0c\u5747\u5177\u5099\u4ee5\u4e0b\u5171\u540c\u7279\u5fb5\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u6f0f\u6d1e\u8fc5\u901f\u88ab\u7d0d\u5165\u653b\u64ca\u5de5\u5177\u93c8<\/li>\n\n\n\n<li>\u906d\u570b\u5bb6\u7d1a APT \u6216\u5927\u578b\u52d2\u7d22\u96c6\u5718\u6b66\u5668\u5316<\/li>\n\n\n\n<li>\u5f71\u97ff\u7bc4\u570d\u6a6b\u8de8\u4f9b\u61c9\u93c8\u3001\u96f2\u7aef\u8207 CI\/CD<\/li>\n\n\n\n<li>\u5f15\u767c\u5be6\u8cea\u8cc7\u6599\u5916\u6d29\u3001\u71df\u904b\u4e2d\u65b7\u6216\u76e3\u7ba1\u98a8\u96aa<\/li>\n<\/ul>\n\n\n\n<p>\u9019\u6b63\u662f <strong>\u73fe\u4ee3\u5408\u898f\u5236\u5ea6\uff08\u5982 ISO 27001<\/strong><strong>\u3001NIST CSF<\/strong><strong>\u3001\u91d1\u878d\u8cc7\u5b89\u6307\u5f15\uff09\u6240\u5f37\u8abf\u7684\u300c\u5be6\u969b\u98a8\u96aa\u5c0e\u5411\uff08Risk-based Approach<\/strong><strong>\uff09\u300d<\/strong>\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>2025 <\/strong><strong>\u5e74\u4e94\u5927\u6f0f\u6d1e\u5229\u7528\u4e8b\u4ef6<\/strong><\/p>\n\n\n\n<p><strong>\u5f9e\u5408\u898f\u8207\u6cbb\u7406\u8996\u89d2\u7684\u95dc\u9375\u8b66\u793a<\/strong><\/p>\n\n\n\n<p>\u4ee5\u4e0b\u4e8b\u4ef6\u4e0d\u50c5\u662f\u6280\u8853\u6f0f\u6d1e\uff0c\u66f4\u662f<strong>\u8cc7\u5b89\u6cbb\u7406\u8207\u5167\u63a7\u5931\u6548\u7684\u5177\u9ad4\u6848\u4f8b<\/strong>\u3002<\/p>\n\n\n\n<p><strong>\u4e00\u3001React2Shell<\/strong><strong>\uff1aReact.js <\/strong><strong>\u95dc\u9375 RCE <\/strong><strong>\u6f0f\u6d1e\uff0c\u906d\u591a\u570b\u570b\u5bb6\u7d1a\u99ed\u5ba2\u6b66\u5668\u5316<\/strong><\/p>\n\n\n\n<p>2025 \u5e74 11 \u6708 29 \u65e5\uff0c\u8cc7\u5b89\u7814\u7a76\u54e1 <strong>Lachlan Davidson<\/strong> \u5411 Meta \u8ca0\u8cac\u63ed\u9732\u4e00\u9805\u5f71\u97ff <strong>React.js<\/strong> \u7684 <strong>\u95dc\u9375\u9060\u7aef\u7a0b\u5f0f\u78bc\u57f7\u884c\uff08RCE\uff09\u6f0f\u6d1e<\/strong>\uff0c\u6b63\u5f0f\u7de8\u865f\u70ba <strong>CVE-2025-55182<\/strong>\uff0c\u4e26\u88ab\u547d\u540d\u70ba<a href=\"https:\/\/react.dev\/blog\/2025\/12\/03\/critical-security-vulnerability-in-react-server-components\" title=\"\"> <strong>React2Shell<\/strong><\/a>\uff0c\u540d\u7a31\u660e\u986f\u81f4\u656c 2021 \u5e74\u9707\u64bc\u5168\u7403\u7684 Log4Shell\u3002<\/p>\n\n\n\n<p>\u8a72\u6f0f\u6d1e\u5b58\u5728\u65bc <strong>React Server Components 19.x <\/strong><strong>\u591a\u500b\u7248\u672c<\/strong>\uff0c\u5c6c\u65bc <strong>\u672a\u7d93\u9a57\u8b49\u5373\u53ef\u89f8\u767c\u7684 RCE <\/strong><strong>\u6f0f\u6d1e<\/strong>\u3002\u4e00\u65e6\u6210\u529f\u5229\u7528\uff0c\u653b\u64ca\u8005\u53ef\u76f4\u63a5\u5728\u4f3a\u670d\u5668\u4e0a\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\uff0c\u5168\u9762\u638c\u63a7\u7cfb\u7d71\uff0c\u9032\u800c\u5b58\u53d6\u654f\u611f\u8cc7\u6599\u3002<\/p>\n\n\n\n<p>\u7531\u65bc <strong>React <\/strong><strong>\u8207 Next.js <\/strong><strong>\u5e7e\u4e4e\u662f\u73fe\u4ee3 Web <\/strong><strong>\u61c9\u7528\u7684\u6838\u5fc3\u57fa\u790e\u5efa\u8a2d<\/strong>\uff0c\u8a72\u6f0f\u6d1e\u4e00\u7d93\u63ed\u9732\u5373\u5f15\u767c\u9ad8\u5ea6\u8b66\u6212\u3002<\/p>\n\n\n\n<p>\u77ed\u77ed\u6578\u65e5\u5167\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AWS \u8b49\u5be6 <strong>Earth Lamia<\/strong><strong>\u3001Jackpot Panda<\/strong>\uff08\u8207\u4e2d\u570b\u570b\u5bb6\u5229\u76ca\u76f8\u95dc\uff09\u5df2\u767c\u52d5\u5be6\u969b\u653b\u64ca<\/li>\n\n\n\n<li>Shadowserver \u6383\u63cf\u767c\u73fe <strong>\u8d85\u904e 77,000 <\/strong><strong>\u500b\u66b4\u9732\u5728\u7db2\u969b\u7db2\u8def\u4e0a\u7684\u6f5b\u5728\u53d7\u5bb3\u7cfb\u7d71<\/strong><\/li>\n\n\n\n<li>\u591a\u500b\u72af\u7f6a\u96c6\u5718\u958b\u59cb\u690d\u5165 <strong>XMRig <\/strong><strong>\u7926\u5de5<\/strong>\u3001\u7aca\u53d6 AWS \u74b0\u5883\u8b8a\u6578\u8207\u91d1\u9470<\/li>\n<\/ul>\n\n\n\n<p>\u66f4\u503c\u5f97\u6ce8\u610f\u7684\u662f\uff0cSysdig \u7814\u7a76\u5718\u968a\u5728\u906d\u5165\u4fb5\u7684 Next.js \u61c9\u7528\u4e2d\u767c\u73fe <strong>EtherRAT <\/strong><strong>\u60e1\u610f\u690d\u5165\u7a0b\u5f0f<\/strong>\uff0c\u5176\u5de5\u5177\u8207 <strong>\u5317\u97d3 APT<\/strong><strong>\u300cContagious Interview<\/strong><strong>\u300d\u884c\u52d5\u9ad8\u5ea6\u91cd\u758a<\/strong>\uff0c\u986f\u793a\u570b\u5bb6\u7d1a\u99ed\u5ba2\u4e4b\u9593\u53ef\u80fd\u5df2\u51fa\u73fe <strong>\u5de5\u5177\u5171\u4eab\u6216\u6230\u8853\u501f\u7528<\/strong>\u7684\u73fe\u8c61\u3002<\/p>\n\n\n\n<p>CISA \u5df2\u65bc 12 \u6708 17 \u65e5\u5c07\u76f8\u95dc CVE \u7d0d\u5165 <strong>KEV<\/strong><strong>\uff08Known Exploited Vulnerabilities<\/strong><strong>\uff09\u6e05\u55ae<\/strong>\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"713\" height=\"1024\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-4-713x1024.jpg\" alt=\"\" class=\"wp-image-4092\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-4-713x1024.jpg 713w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-4-209x300.jpg 209w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-4-768x1103.jpg 768w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-4.jpg 831w\" sizes=\"auto, (max-width: 713px) 100vw, 713px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u4e8c\u3001Shai Hulud 2.0<\/strong><strong>\uff1aNPM <\/strong><strong>\u751f\u614b\u7cfb\u88ab\u5168\u9762\u4e0b\u6bd2\u7684\u4f9b\u61c9\u93c8\u8815\u87f2\u653b\u64ca<\/strong><\/p>\n\n\n\n<p>11 \u6708\u4e0b\u65ec\uff0c\u8cc7\u5b89\u5708\u9707\u64bc\u63ed\u9732 <strong>Shai Hulud 2.0<\/strong> \u884c\u52d5\u2014\u2014\u9019\u4e0d\u662f\u55ae\u4e00\u6f0f\u6d1e\uff0c\u800c\u662f <strong>\u4e00\u5834\u91dd\u5c0d\u958b\u6e90\u4f9b\u61c9\u93c8\u7684\u7cfb\u7d71\u6027\u6ef2\u900f\u884c\u52d5<\/strong>\u3002<\/p>\n\n\n\n<p>\u653b\u64ca\u8005\u900f\u904e <strong>\u7aca\u53d6 npm <\/strong><strong>\u5957\u4ef6\u7dad\u8b77\u8005\u5e33\u865f<\/strong>\uff0c\u5728\u77ed\u6642\u9593\u5167\u767c\u5e03 <strong>\u6578\u767e\u500b\u88ab\u690d\u5165\u60e1\u610f\u7a0b\u5f0f\u78bc\u7684\u5408\u6cd5\u5957\u4ef6\u7248\u672c<\/strong>\uff0c\u4e26\u6feb\u7528 <strong>preinstall <\/strong><strong>\u8173\u672c<\/strong>\uff0c\u5728\u4f9d\u8cf4\u5b89\u88dd\u77ac\u9593\u5373\u57f7\u884c\u60e1\u610f\u884c\u70ba\uff0c\u6210\u529f\u7e5e\u904e\u591a\u6578 SCA \u8207\u6e2c\u8a66\u6a5f\u5236\u3002<\/p>\n\n\n\n<p>\u5176\u5f71\u97ff\u7bc4\u570d\u9a5a\u4eba\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u7d04 700 <\/strong><strong>\u500b npm <\/strong><strong>\u5957\u4ef6<\/strong><\/li>\n\n\n\n<li><strong>\u8d85\u904e 25,000 <\/strong><strong>\u500b GitHub Repo<\/strong><\/li>\n\n\n\n<li>\u6a6b\u8de8 <strong>500 <\/strong><strong>\u591a\u500b\u7d44\u7e54<\/strong><\/li>\n<\/ul>\n\n\n\n<p>\u66f4\u5371\u96aa\u7684\u662f\u7b2c\u4e8c\u968e\u6bb5\u653b\u64ca\uff1a<br>\u99ed\u5ba2\u5229\u7528\u7aca\u5f97\u7684 GitHub Token\uff0c\u52ab\u6301 <strong>GitHub Actions <\/strong><strong>\u8207\u81ea\u67b6 Runner<\/strong>\uff0c\u5efa\u7acb\u9577\u671f\u5f8c\u9580\uff0c\u751a\u81f3\u80fd <strong>\u4e00\u6b21\u6027\u5916\u6d29\u6574\u500b Secrets <\/strong><strong>\u5132\u5b58\u5eab<\/strong>\u3002<\/p>\n\n\n\n<p>\u9019\u8d77\u4e8b\u4ef6\u88ab\u591a\u5bb6\u7814\u7a76\u6a5f\u69cb\u8a55\u70ba <strong>2025 <\/strong><strong>\u5e74\u898f\u6a21\u6700\u5927\u3001\u6700\u5177\u7834\u58de\u529b\u7684\u4f9b\u61c9\u93c8\u653b\u64ca\u4e4b\u4e00<\/strong>\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"524\" height=\"295\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-9.png\" alt=\"\" class=\"wp-image-4093\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-9.png 524w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-9-300x169.png 300w\" sizes=\"auto, (max-width: 524px) 100vw, 524px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u4e09\u3001Oracle E-Business Suite <\/strong><strong>\u96f6\u6642\u5dee\u6f0f\u6d1e\uff1aClop <\/strong><strong>\u52d2\u7d22\u96c6\u5718\u518d\u5ea6\u51fa\u624b<\/strong><\/p>\n\n\n\n<p>2025 \u5e74 10 \u6708\uff0cOracle \u7dca\u6025\u8b66\u544a\u5ba2\u6236\uff0c\u5176 <strong>E-Business Suite<\/strong><strong>\uff08EBS<\/strong><strong>\uff09<\/strong> \u53ef\u80fd\u5df2\u906d\u96f6\u6642\u5dee\u6f0f\u6d1e\u653b\u64ca\u3002<\/p>\n\n\n\n<p>\u8a72\u6f0f\u6d1e <strong>CVE-2025-61882<\/strong><strong>\uff08CVSS 9.8<\/strong><strong>\uff09<\/strong> \u53ef\u76f4\u63a5\u5c0e\u81f4 RCE\uff0c\u4e26\u88ab <strong>Clop <\/strong><strong>\u52d2\u7d22\u96c6\u5718<\/strong> \u5be6\u969b\u7528\u65bc\u8cc7\u6599\u7aca\u53d6\u8207\u52d2\u7d22\u3002<\/p>\n\n\n\n<p>\u53d7\u5bb3\u540d\u55ae\u6a6b\u8de8\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u82f1\u570b NHS \u91ab\u7642\u9ad4\u7cfb<\/li>\n\n\n\n<li>Canon\u3001Mazda\u3001\u7f85\u6280<\/li>\n\n\n\n<li>\u591a\u5bb6\u8de8\u570b\u88fd\u9020\u8207\u79d1\u6280\u4f01\u696d<\/li>\n<\/ul>\n\n\n\n<p>\u9019\u518d\u5ea6\u8b49\u5be6\uff1a<strong>\u5927\u578b\u4f01\u696d<\/strong><strong> ERP <\/strong><strong>\u7cfb\u7d71\uff0c\u4f9d\u7136\u662f\u52d2\u7d22\u96c6\u5718\u7684\u9ad8\u50f9\u503c\u76ee\u6a19<\/strong>\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"250\" height=\"512\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-10.png\" alt=\"\" class=\"wp-image-4094\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-10.png 250w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-10-146x300.png 146w\" sizes=\"auto, (max-width: 250px) 100vw, 250px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u56db\u3001ToolShell<\/strong><strong>\uff1aSharePoint <\/strong><strong>\u672c\u5730\u90e8\u7f72\u6210 APT <\/strong><strong>\u5175\u5bb6\u5fc5\u722d\u4e4b\u5730<\/strong><\/p>\n\n\n\n<p>2025 \u5e74 7 \u6708\uff0cMicrosoft \u8b66\u544a <strong>SharePoint On-Premises<\/strong> \u906d\u5230\u93c8\u5f0f\u6f0f\u6d1e\u653b\u64ca\uff08CVE-2025-53770 \/ 53771\uff09\uff0c\u88ab\u547d\u540d\u70ba <strong>ToolShell<\/strong>\u3002<\/p>\n\n\n\n<p>\u77ed\u6642\u9593\u5167\uff0c<strong>\u8fd1<\/strong><strong> 400 <\/strong><strong>\u53f0 SharePoint <\/strong><strong>\u7cfb\u7d71\u906d\u5165\u4fb5<\/strong>\uff0c\u4e14\u591a\u6578\u5c6c\u65bc\u653f\u5e9c\u3001\u91ab\u7642\u7b49\u95dc\u9375\u7522\u696d\u3002<\/p>\n\n\n\n<p>\u5df2\u78ba\u8a8d\u6d89\u5165\u7684\u653b\u64ca\u8005\u5305\u542b\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Linen Typhoon\uff08APT27\uff09<\/li>\n\n\n\n<li>Violet Typhoon\uff08APT31\uff09<\/li>\n\n\n\n<li>Storm-2603\uff08\u5177\u52d2\u7d22\u80cc\u666f\u7684\u4e2d\u570b\u76f8\u95dc\u5718\u968a\uff09<\/li>\n<\/ul>\n\n\n\n<p>\u9019\u8d77\u4e8b\u4ef6\u4e5f\u8b93\u4f01\u696d\u91cd\u65b0\u6b63\u8996\uff1a<strong>\u5167\u90e8\u90e8\u7f72\u7cfb\u7d71\u4e26\u4e0d\u7b49\u65bc\u5b89\u5168<\/strong>\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"831\" height=\"468\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-5.jpg\" alt=\"\" class=\"wp-image-4095\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-5.jpg 831w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-5-300x169.jpg 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-5-768x433.jpg 768w\" sizes=\"auto, (max-width: 831px) 100vw, 831px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u4e94\u3001CitrixBleed 2<\/strong><strong>\uff1a\u719f\u6089\u7684\u6f0f\u6d1e\u578b\u614b\uff0c\u518d\u6b21\u91cd\u6f14<\/strong><\/p>\n\n\n\n<p>2025 \u5e74 6 \u6708\uff0cCitrix NetScaler \u518d\u5ea6\u7206\u51fa <strong>\u985e\u4f3c 2023 CitrixBleed <\/strong><strong>\u7684\u9ad8\u5371\u6f0f\u6d1e\uff08CVE-2025-5777<\/strong><strong>\uff09<\/strong>\uff0c\u53ef\u7e5e\u904e MFA\u3001\u52ab\u6301\u4f7f\u7528\u8005\u5de5\u4f5c\u968e\u6bb5\u3002<\/p>\n\n\n\n<p>\u8207\u524d\u4ee3\u4e0d\u540c\u7684\u662f\uff0cCitrixBleed 2 <strong>\u76f4\u63a5\u9396\u5b9a Session Token<\/strong>\uff0c\u98a8\u96aa\u66f4\u9ad8\u3001\u5075\u6e2c\u66f4\u56f0\u96e3\u3002<\/p>\n\n\n\n<p>CISA \u5df2\u5c07\u5176\u5217\u5165 KEV\uff0c\u4e26\u8981\u6c42\u653f\u5e9c\u55ae\u4f4d <strong>\u9694\u65e5\u5b8c\u6210\u4fee\u88dc<\/strong>\uff0c\u986f\u793a\u5176\u5a01\u8105\u7b49\u7d1a\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"831\" height=\"539\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-11.png\" alt=\"\" class=\"wp-image-4096\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-11.png 831w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-11-300x195.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2025\/12\/image-11-768x498.png 768w\" sizes=\"auto, (max-width: 831px) 100vw, 831px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u5408\u898f\u7e3d\u7d50\u5efa\u8b70<\/strong><\/p>\n\n\n\n<p>2025 \u5e74\u5c0d\u4f01\u696d\u7684\u6838\u5fc3\u555f\u793a\u53ea\u6709\u4e00\u500b\uff1a<\/p>\n\n\n\n<p><strong>\u5408\u898f\u4e0d\u662f\u300c\u662f\u5426\u4fee\u88dc\u6f0f\u6d1e\u300d\uff0c\u800c\u662f\u300c\u662f\u5426\u6709\u80fd\u529b\u5373\u6642\u56de\u61c9\u88ab\u5229\u7528\u7684\u98a8\u96aa\u300d\u3002<\/strong><\/p>\n\n\n\n<p><strong>\u5efa\u8b70\u6cbb\u7406\u65b9\u5411\u5305\u542b\uff1a<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u5c07 <strong>KEV<\/strong><strong>\u3001\u5be6\u969b\u653b\u64ca\u8de1\u8c61(In-the-wild)<\/strong>\u7d0d\u5165\u6b63\u5f0f\u98a8\u96aa\u8a55\u5206<\/li>\n\n\n\n<li>\u5c0d\u958b\u6e90\u8207 CI\/CD \u5efa\u7acb <strong>\u6301\u7e8c\u76e3\u63a7\u8cac\u4efb\u5236<\/strong><\/li>\n\n\n\n<li>\u6f0f\u6d1e\u7ba1\u7406\u9700\u8207 <strong>\u71df\u904b\u885d\u64ca\u5206\u6790\uff08BIA<\/strong><strong>\uff09<\/strong> \u9023\u52d5<\/li>\n\n\n\n<li><strong>\u4fee\u88dc\u5ef6\u9072\u5fc5\u9808\u5177\u5099 <\/strong><strong>\u98a8\u96aa\u63a5\u53d7\u8207\u7ba1\u7406\u5c64\u7c3d\u6838\u7d00\u9304<\/strong><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>2025 \u5e74\uff0c\u5168\u7403 \u6f0f\u6d1e\u63ed\u9732(Common Vulnerabilities and Exposures, CV <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=4090\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[174],"class_list":["post-4090","post","type-post","status-publish","format-standard","hentry","category-6","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4090","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4090"}],"version-history":[{"count":2,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4090\/revisions"}],"predecessor-version":[{"id":4099,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4090\/revisions\/4099"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4090"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4090"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4090"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}