{"id":4241,"date":"2026-04-15T16:20:03","date_gmt":"2026-04-15T08:20:03","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=4241"},"modified":"2026-04-15T16:34:18","modified_gmt":"2026-04-15T08:34:18","slug":"%e5%be%9e-kev-%e6%9b%b4%e6%96%b0%e7%9c%8b%e6%94%bb%e6%93%8a%e7%af%80%e5%a5%8f%e5%8a%a0%e9%80%9f%ef%bc%9a7-%e5%80%8b%e5%b7%b2%e9%81%ad%e5%88%a9%e7%94%a8%e6%bc%8f%e6%b4%9e%e6%8f%ad%e7%a4%ba%e4%bc%81","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=4241","title":{"rendered":"\u5f9e KEV \u66f4\u65b0\u770b\u653b\u64ca\u7bc0\u594f\u52a0\u901f\uff1a7 \u500b\u5df2\u906d\u5229\u7528\u6f0f\u6d1e\u63ed\u793a\u4f01\u696d\u771f\u6b63\u7684\u9632\u7dda\u58d3\u529b"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"693\" height=\"539\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2026\/04\/image-1.png\" alt=\"\" class=\"wp-image-4242\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2026\/04\/image-1.png 693w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2026\/04\/image-1-300x233.png 300w\" sizes=\"auto, (max-width: 693px) 100vw, 693px\" \/><\/figure>\n\n\n\n<p>\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u8207\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40 (CISA) \u65bc 2026 \u5e74 4 \u6708 13 \u65e5\u518d\u5ea6\u66f4\u65b0\u5176\u300c<a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2026\/04\/13\/cisa-adds-seven-known-exploited-vulnerabilities-catalog\" title=\"\">\u5df2\u77e5\u906d\u5be6\u969b\u5229\u7528\u6f0f\u6d1e\u6e05\u55ae<\/a>\u300d\uff08Known Exploited Vulnerabilities, KEV\uff09\uff0c\u4e00\u6b21\u65b0\u589e\u4e03\u500b\u5df2\u88ab\u78ba\u8a8d\u5728\u5be6\u969b\u653b\u64ca\u4e2d\u906d\u5229\u7528\u7684 CVE\u3002<\/p>\n\n\n\n<p>\u9019\u4e0d\u53ea\u662f\u4e00\u6b21\u4f8b\u884c\u66f4\u65b0\uff0c\u800c\u662f\u518d\u6b21\u63d0\u9192\u4f01\u696d\uff1a<strong>\u653b\u64ca\u8005\u4e26\u4e0d\u7b49\u5f85\u4f60\u4fee\u88dc\u5b8c\u6210\uff0c\u800c\u662f\u76f4\u63a5\u4f7f\u7528\u300c\u5df2\u9a57\u8b49\u53ef\u6253\u7a7f\u9632\u7dda\u7684\u6f0f\u6d1e\u300d\u3002<\/strong><\/p>\n\n\n\n<p>\u5728\u7576\u524d\u653b\u64ca\u7bc0\u594f\u4e0b\uff0cKEV \u6e05\u55ae\u67d0\u7a2e\u7a0b\u5ea6\u4e0a\u5df2\u7d93\u4e0d\u53ea\u662f\u98a8\u96aa\u901a\u5831\uff0c\u800c\u662f\u300c\u6b63\u5728\u88ab\u6b66\u5668\u5316\u7684\u73fe\u5be6\u653b\u64ca\u624b\u518a\u300d\u3002<\/p>\n\n\n\n<p><strong>\u4e00\u3001\u672c\u6b21 KEV <\/strong><strong>\u66f4\u65b0\u7684 7 <\/strong><strong>\u500b\u6f0f\u6d1e\u4e00\u89bd<\/strong><\/p>\n\n\n\n<p>\u672c\u6b21\u65b0\u589e\u6db5\u84cb Adobe\u3001Microsoft \u8207 Fortinet \u4e09\u5927\u751f\u614b\u7cfb\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-1854\">CVE-2012-1854<\/a>\uff1aMicrosoft VBA \u4e0d\u5b89\u5168\u51fd\u5f0f\u5eab\u8f09\u5165\u6f0f\u6d1e<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2020-9715\">CVE-2020-9715<\/a>\uff1aAdobe Acrobat Use-After-Free \u6f0f\u6d1e<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2023-21529\">CVE-2023-21529<\/a>\uff1aMicrosoft Exchange Server \u53cd\u5e8f\u5217\u5316\u6f0f\u6d1e<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2023-36424\">CVE-2023-36424<\/a>\uff1aMicrosoft Windows \u8d8a\u754c\u8b80\u53d6\u6f0f\u6d1e<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-60710\">CVE-2025-60710<\/a>\uff1aMicrosoft Windows Link Following \u6f0f\u6d1e<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-21643\">CVE-2026-21643<\/a>\uff1aFortinet SQL Injection \u6f0f\u6d1e<\/li>\n\n\n\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-34621\">CVE-2026-34621<\/a>\uff1aAdobe Acrobat \/ Reader Prototype Pollution \u6f0f\u6d1e<\/li>\n<\/ul>\n\n\n\n<p>\u9019\u4efd\u6e05\u55ae\u7684\u95dc\u9375\u4e0d\u5728\u6578\u91cf\uff0c\u800c\u5728\u7d50\u69cb\uff1a<br><strong>\u65b0\u6f0f\u6d1e + <\/strong><strong>\u8001\u6f0f\u6d1e + <\/strong><strong>\u8de8\u5e73\u53f0\u7d44\u5408\u653b\u64ca\uff0c\u5df2\u6210\u70ba\u4e3b\u6d41\u653b\u64ca\u6a21\u5f0f\u3002<\/strong><\/p>\n\n\n\n<p><strong>\u4e8c\u3001\u653b\u64ca\u8005\u5728\u505a\u4ec0\u9ebc\uff1a\u4e0d\u662f\u55ae\u9ede\u6f0f\u6d1e\uff0c\u800c\u662f\u300c\u653b\u64ca\u93c8\u62fc\u88dd\u300d<\/strong><\/p>\n\n\n\n<p>\u5982\u679c\u53ea\u770b CVE\uff0c\u4f60\u6703\u4ee5\u70ba\u9019\u53ea\u662f\u96f6\u6563\u6f0f\u6d1e\u96c6\u5408\uff1b\u4f46\u5f9e\u653b\u64ca\u8996\u89d2\u4f86\u770b\uff0c\u9019\u5176\u5be6\u662f\u4e00\u689d\u5b8c\u6574\u7684\u5165\u4fb5\u8def\u5f91\u8a2d\u8a08\u5716\u3002<\/p>\n\n\n\n<p><strong>1. <\/strong><strong>\u521d\u59cb\u5165\u4fb5\uff1a\u6587\u4ef6\u8207\u908a\u754c\u8a2d\u5099<\/strong><\/p>\n\n\n\n<p>Adobe Acrobat \u7684\u5169\u500b\u6f0f\u6d1e\uff08CVE-2020-9715\u3001CVE-2026-34621\uff09\u986f\u793a PDF \u4ecd\u7136\u662f\u91e3\u9b5a\u653b\u64ca\u6838\u5fc3\u8f09\u9ad4\u3002<\/p>\n\n\n\n<p>\u653b\u64ca\u8005\u901a\u5e38\u6703\u5229\u7528\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>PDF \/ Office \u6587\u4ef6<\/li>\n\n\n\n<li>Prototype Pollution \u6216 Use-After-Free<\/li>\n\n\n\n<li>JavaScript engine \u884c\u70ba\u64cd\u63a7<\/li>\n<\/ul>\n\n\n\n<p>\u76ee\u7684\u53ea\u6709\u4e00\u500b\uff1a<strong>\u8b93\u4f7f\u7528\u8005\u300c\u6253\u958b\u6587\u4ef6\u5c31\u88ab\u57f7\u884c\u7a0b\u5f0f\u78bc\u300d<\/strong><\/p>\n\n\n\n<p>\u540c\u6642\uff0cFortinet\uff08CVE-2026-21643\uff09\u9019\u985e SQL Injection \u908a\u754c\u6f0f\u6d1e\uff0c\u5247\u5e38\u88ab\u7528\u4f86\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u76f4\u63a5\u6253\u7ba1\u7406\u4ecb\u9762<\/li>\n\n\n\n<li>\u53d6\u5f97\u521d\u59cb foothold<\/li>\n\n\n\n<li>\u4f5c\u70ba\u5167\u7db2\u8df3\u677f<\/li>\n<\/ul>\n\n\n\n<p><strong>2. <\/strong><strong>\u7acb\u8db3\u9ede\u5efa\u7acb\uff1aExchange <\/strong><strong>\u8207 Windows <\/strong><strong>\u6210\u70ba\u6838\u5fc3\u8df3\u677f<\/strong><\/p>\n\n\n\n<p>\u5728 Microsoft \u751f\u614b\u7cfb\u4e2d\uff0cMicrosoft \u7684 Exchange \u8207 Windows \u6f0f\u6d1e\u4ecd\u662f\u653b\u64ca\u93c8\u4e2d\u6700\u95dc\u9375\u7684\u300c\u4e2d\u6bb5\u63a7\u5236\u5c64\u300d\u3002<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>CVE-2023-21529\uff1aExchange \u53cd\u5e8f\u5217\u5316 \u2192 \u5e38\u898b\u65bc\u90f5\u4ef6\u6295\u905e\u5f8c\u57f7\u884c RCE<\/li>\n\n\n\n<li>CVE-2023-36424\uff1aWindows \u8d8a\u754c\u8b80\u53d6 \u2192 \u8f14\u52a9\u8cc7\u8a0a\u7aca\u53d6\u8207\u8a18\u61b6\u9ad4\u64cd\u63a7<\/li>\n\n\n\n<li>CVE-2025-60710\uff1a\u6b0a\u9650\u63d0\u5347 \u2192 \u5f9e user \u2192 SYSTEM<\/li>\n<\/ul>\n\n\n\n<p>\u9019\u4e00\u6bb5\u7684\u672c\u8cea\u662f\uff1a<br>&nbsp;<strong>\u5f9e\u300c\u9032\u4f86\u300d\u8b8a\u6210\u300c\u7ad9\u7a69\u300d<\/strong><\/p>\n\n\n\n<p><strong>3. <\/strong><strong>\u8001\u6f0f\u6d1e\u518d\u5229\u7528\uff1a\u653b\u64ca\u8005\u6700\u611b\u7684\u4f4e\u6210\u672c\u7a81\u7834\u53e3<\/strong><\/p>\n\n\n\n<p>CVE-2012-1854\uff08VBA DLL Hijacking\uff09\u662f\u4e00\u500b\u5178\u578b\u8a0a\u865f\uff1a<\/p>\n\n\n\n<p>\u5373\u4f7f\u6f0f\u6d1e\u5df2\u8d85\u904e\u5341\u5e74\uff0c\u4ecd\u7136\u51fa\u73fe\u5728 KEV\u3002<\/p>\n\n\n\n<p>\u9019\u610f\u5473\u8457\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u4f01\u696d\u5167\u4ecd\u5b58\u5728\u672a\u4fee\u88dc legacy \u7cfb\u7d71<\/li>\n\n\n\n<li>\u653b\u64ca\u8005\u6383\u63cf\u7684\u662f\u300c\u73fe\u5be6\u74b0\u5883\u300d\uff0c\u4e0d\u662f CVE \u5e74\u4efd<\/li>\n\n\n\n<li>\u6280\u8853\u50b5 = \u6c38\u9060\u5b58\u5728\u7684\u5165\u4fb5\u5165\u53e3<\/li>\n<\/ul>\n\n\n\n<p><strong>\u4e09\u3001\u6700\u95dc\u9375\u8da8\u52e2\uff1a\u6f0f\u6d1e\u6b66\u5668\u5316\u901f\u5ea6\u6b63\u5728\u5931\u63a7<\/strong><\/p>\n\n\n\n<p>\u5f9e\u672c\u6b21 KEV \u53ef\u4ee5\u770b\u51fa\u4e00\u500b\u660e\u78ba\u8b8a\u5316\uff1a<\/p>\n\n\n\n<p><strong>&nbsp;<\/strong><strong>\u5f9e\u300c\u6708\u300d\u8b8a\u300c\u9031\u300d\u751a\u81f3\u300c\u5929\u300d<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>CVE \u516c\u5e03 \u2192 PoC \u51fa\u73fe \u2192 \u5be6\u6230\u5229\u7528<\/li>\n\n\n\n<li>\u73fe\u5728\u5e7e\u4e4e\u58d3\u7e2e\u6210\u6975\u77ed\u9031\u671f<\/li>\n<\/ul>\n\n\n\n<p><strong>&nbsp;<\/strong><strong>\u653b\u64ca\u93c8\u6a21\u7d44\u5316<\/strong><\/p>\n\n\n\n<p>\u653b\u64ca\u4e0d\u518d\u4f9d\u8cf4\u55ae\u4e00\u6f0f\u6d1e\uff0c\u800c\u662f\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>PDF\uff08\u521d\u59cb\u5165\u4fb5\uff09<\/li>\n\n\n\n<li>Exchange\uff08\u90f5\u4ef6\u6295\u905e\uff09<\/li>\n\n\n\n<li>Windows\uff08\u6b0a\u9650\u63d0\u5347\uff09<\/li>\n\n\n\n<li>Fortinet\uff08\u908a\u754c\u7a81\u7834\uff09<\/li>\n<\/ul>\n\n\n\n<p>\u62fc\u6210\u5b8c\u6574\u6ef2\u900f\u6d41\u7a0b<\/p>\n\n\n\n<p><strong>\u65b0\u820a\u6f0f\u6d1e\u6df7\u5408\u4f7f\u7528<\/strong><\/p>\n\n\n\n<p>\u9019\u9ede\u6700\u5371\u96aa\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u65b0\u6f0f\u6d1e\u6253\u5165\u53e3<\/li>\n\n\n\n<li>\u820a\u6f0f\u6d1e\u505a\u7e5e\u904e<\/li>\n\n\n\n<li>\u7d44\u5408\u63d0\u5347\u6210\u529f\u7387\u8207\u96b1\u533f\u6027<\/li>\n<\/ul>\n\n\n\n<p><strong>\u56db\u3001\u4f01\u696d\u771f\u6b63\u8a72\u95dc\u6ce8\u7684\u4e0d\u662f CVE<\/strong><strong>\uff0c\u800c\u662f\u300cKEV<\/strong><strong>\u300d<\/strong><\/p>\n\n\n\n<p>\u96d6\u7136 KEV \u4e3b\u8981\u7531 Cybersecurity and Infrastructure Security Agency \u7528\u65bc\u806f\u90a6\u6a5f\u69cb\u4fee\u88dc\u6307\u4ee4\uff08BOD 22-01\uff09\uff0c\u4f46\u5b83\u7684\u610f\u7fa9\u65e9\u5df2\u8d85\u8d8a\u7f8e\u570b\u653f\u5e9c\u9ad4\u7cfb\u3002<\/p>\n\n\n\n<p>KEV \u672c\u8cea\u4e0a\u4ee3\u8868\uff1a<\/p>\n\n\n\n<p><strong>\u300c\u5df2\u7d93\u88ab\u653b\u64ca\u8005\u9a57\u8b49\u6210\u529f\u7684\u6f0f\u6d1e\u96c6\u5408\u300d<\/strong><\/p>\n\n\n\n<p>\u56e0\u6b64\u5c0d\u4f01\u696d\u4f86\u8aaa\uff0c\u5b83\u7684\u512a\u5148\u7d1a\u61c9\u8a72\u9ad8\u65bc\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u4e00\u822c vulnerability scan \u7d50\u679c<\/li>\n\n\n\n<li>\u4f4e\u98a8\u96aa CVSS \u5206\u6578\u6f0f\u6d1e<\/li>\n\n\n\n<li>\u5c1a\u672a\u88ab\u5229\u7528\u7684 PoC \u6f0f\u6d1e<\/li>\n<\/ul>\n\n\n\n<p><strong>\u4e94\u3001\u7d50\u8a9e\uff1a\u771f\u6b63\u7684\u554f\u984c\u4e0d\u662f\u6f0f\u6d1e\uff0c\u800c\u662f\u4fee\u88dc\u901f\u5ea6<\/strong><\/p>\n\n\n\n<p>\u9019\u6b21 KEV \u66f4\u65b0\u518d\u6b21\u63d0\u9192\u4e00\u4ef6\u6b98\u9177\u7684\u4e8b\u5be6\uff1a<\/p>\n\n\n\n<p><strong>\u653b\u64ca\u8005\u7684\u901f\u5ea6\uff0c\u5df2\u7d93\u5feb\u904e\u4f01\u696d\u7684\u4fee\u88dc\u6d41\u7a0b\u3002<\/strong><\/p>\n\n\n\n<p>\u7576\u6f0f\u6d1e\u5f9e\u66dd\u5149\u5230\u6b66\u5668\u5316\u7684\u6642\u9593\u8d8a\u4f86\u8d8a\u77ed\uff0c\u4f01\u696d\u9762\u81e8\u7684\u4e0d\u662f\u300c\u662f\u5426\u6703\u88ab\u653b\u64ca\u300d\uff0c\u800c\u662f\uff1a<\/p>\n\n\n\n<p>\u300c\u4f55\u6642\u6703\u5728\u672a\u4fee\u88dc\u7684\u7a97\u53e3\u671f\u88ab\u6253\u7a7f\u300d<\/p>\n\n\n\n<p>\u5728\u9019\u7a2e\u74b0\u5883\u4e0b\uff0cKEV \u5df2\u4e0d\u53ea\u662f\u6e05\u55ae\uff0c\u800c\u662f\u4f01\u696d\u6700\u73fe\u5be6\u7684\u9632\u7dda\u58d3\u529b\u6307\u6a19\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u8207\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40 (CISA) \u65bc 2026 \u5e74 4 \u6708 13 \u65e5\u518d\u5ea6\u66f4\u65b0\u5176\u300c\u5df2\u77e5\u906d\u5be6\u969b\u5229\u7528\u6f0f\u6d1e\u6e05 <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=4241\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[191,174],"class_list":["post-4241","post","type-post","status-publish","format-standard","hentry","category-6","tag-cisa","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4241"}],"version-history":[{"count":2,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4241\/revisions"}],"predecessor-version":[{"id":4244,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/4241\/revisions\/4244"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}