{"id":469,"date":"2020-08-21T14:43:11","date_gmt":"2020-08-21T06:43:11","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=469"},"modified":"2020-08-21T14:48:03","modified_gmt":"2020-08-21T06:48:03","slug":"mitre%e7%99%bc%e5%b8%832020%e6%9c%80%e5%8d%b1%e9%9a%aa%e8%bb%9f%e9%ab%94%e6%bc%8f%e6%b4%9e%e9%a1%9e%e5%9e%8b-top-25-%e5%88%97%e8%a1%a8","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=469","title":{"rendered":"MITRE\u767c\u5e03\u76842020\u6700\u5371\u96aa\u8edf\u9ad4\u6f0f\u6d1e\u985e\u578b Top 25 \u7684\u5217\u8868"},"content":{"rendered":"\n

MITRE\u516c\u5e032020\u5e74\u6700\u5371\u96aa\u768425\u500b\u8edf\u9ad4\u932f\u8aa4<\/p>\n\n\n\n

\u8edf\u9ad4\u932f\u8aa4\u53ef\u4ee5\u662f\u8edf\u9ad4\u89e3\u6c7a\u65b9\u6848\u7684\u7a0b\u5f0f\u78bc\uff0c\u7d50\u69cb\uff0c\u5be6\u73fe\u6216\u8a2d\u8a08\u4e2d\u767c\u73fe\u7684\u7f3a\u9677\u548c\u6f0f\u6d1e\uff0c\u6f0f\u6d1e\u548c\u5176\u4ed6\u985e\u578b\u7684\u932f\u8aa4\uff0c\u53ef\u80fd\u6703\u4f7f\u6b63\u5728\u904b\u884c\u7684\u7cfb\u7d71\u53d7\u5230\u653b\u64ca ,\u5176\u4e2d\u4ee5\u8de8\u7ad9\u9ede\u8173\u672c\uff08XSS\uff09\u6392\u540d\u7b2c\u4e00, \u56e0\u70ba\u9664\u6613\u65bc\u767c\u73fe\u548c\u5229\u7528\u4e4b\u5916\uff0c\u653b\u64ca\u8005\u9084\u53ef\u4ee5\u5728\u6210\u529f\u5229\u7528\u5f8c\uff0c\u5b8c\u5168\u63a7\u5236\u6613\u53d7\u653b\u64ca\u7684\u7cfb\u7d71\uff0c\u7aca\u53d6\u654f\u611f\u6578\u64da\u6216\u767c\u52d5\u963b\u65b7\u670d\u52d9\u653b\u64ca\uff08DoS\uff09\u3002<\/p>\n\n\n\n

\u70ba\u4e86\u5efa\u7acb2020\u5e74\u5217\u8868\uff0cCWE\u5718\u968a\u5229\u7528\u4e86\u7f8e\u570b\u570b\u5bb6\u6a19\u6e96\u6280\u8853\u7814\u7a76\u9662\uff08NIST\uff09\u570b\u5bb6\u6f0f\u6d1e\u6578\u64da\u5eab\uff08NVD\uff09\u5167\u7684\u5e38\u898b\u6f0f\u6d1e\u548c\u66b4\u9732\uff08CVE\u00ae\uff09\u6578\u64da\u4ee5\u53ca\u5e38\u898b\u6f0f\u6d1e\u8a55\u5206\u7cfb\u7d71\uff08CVSS\uff09\u5f97\u5206\u8207\u6bcf\u500bCVE\u76f8\u95dc\u806f\u3002\u5c07\u516c\u5f0f\u61c9\u7528\u65bc\u6578\u64da\uff0c\u5c0d\u6bcf\u500b\u5f31\u9ede\u9032\u884c\u8a55\u5206\u3002MITER\u89e3\u91cb\u8aaa\uff1a<\/a>\u00a0\u201c NVD\u4ee5\u6613\u65bc\u6d88\u5316\u7684\u683c\u5f0f\u63d0\u4f9b\u8cc7\u8a0a\uff0c\u6709\u52a9\u65bc\u63a8\u52d5\u4ee5\u6578\u64da\u9a45\u52d5\u7684\u65b9\u5f0f\u5efa\u7acb2020 CWE\u00a0Top25<\/a>\u3002\u201d<\/p>\n\n\n\n

\u5b8c\u6574\u7684MITRE–Top 25\u5217\u8868\u5982\u4e0b\uff1a<\/p>\n\n\n\n

Rank<\/strong><\/td>ID<\/strong><\/td>Name<\/strong><\/td>Score<\/strong><\/td><\/tr><\/thead>
[1]<\/strong><\/td>CWE-79<\/a><\/td>Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)<\/td>46.82<\/td><\/tr>
[2]<\/strong><\/td>CWE-787<\/a><\/td>Out-of-bounds Write<\/td>46.17<\/td><\/tr>
[3]<\/strong><\/td>CWE-20<\/a><\/td>Improper Input Validation<\/td>33.47<\/td><\/tr>
[4]<\/strong><\/td>CWE-125<\/a><\/td>Out-of-bounds Read<\/td>26.50<\/td><\/tr>
[5]<\/strong><\/td>CWE-119<\/a><\/td>Improper Restriction of Operations within the Bounds of a Memory Buffer<\/td>23.73<\/td><\/tr>
[6]<\/strong><\/td>CWE-89<\/a><\/td>Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)<\/td>20.69<\/td><\/tr>
[7]<\/strong><\/td>CWE-200<\/a><\/td>Exposure of Sensitive Information to an Unauthorized Actor<\/td>19.16<\/td><\/tr>
[8]<\/strong><\/td>CWE-416<\/a><\/td>Use After Free<\/td>18.87<\/td><\/tr>
[9]<\/strong><\/td>CWE-352<\/a><\/td>Cross-Site Request Forgery (CSRF)<\/td>17.29<\/td><\/tr>
[10]<\/strong><\/td>CWE-78<\/a><\/td>Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)<\/td>16.44<\/td><\/tr>
[11]<\/strong><\/td>CWE-190<\/a><\/td>Integer Overflow or Wraparound<\/td>15.81<\/td><\/tr>
[12]<\/strong><\/td>CWE-22<\/a><\/td>Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)<\/td>13.67<\/td><\/tr>
[13]<\/strong><\/td>CWE-476<\/a><\/td>NULL Pointer Dereference<\/td>8.35<\/td><\/tr>
[14]<\/strong><\/td>CWE-287<\/a><\/td>Improper Authentication<\/td>8.17<\/td><\/tr>
[15]<\/strong><\/td>CWE-434<\/a><\/td>Unrestricted Upload of File with Dangerous Type<\/td>7.38<\/td><\/tr>
[16]<\/strong><\/td>CWE-732<\/a><\/td>Incorrect Permission Assignment for Critical Resource<\/td>6.95<\/td><\/tr>
[17]<\/strong><\/td>CWE-94<\/a><\/td>Improper Control of Generation of Code (‘Code Injection’)<\/td>6.53<\/td><\/tr>
[18]<\/strong><\/td>CWE-522<\/a><\/td>Insufficiently Protected Credentials<\/td>5.49<\/td><\/tr>
[19]<\/strong><\/td>CWE-611<\/a><\/td>Improper Restriction of XML External Entity Reference<\/td>5.33<\/td><\/tr>
[20]<\/strong><\/td>CWE-798<\/a><\/td>Use of Hard-coded Credentials<\/td>5.19<\/td><\/tr>
[21]<\/strong><\/td>CWE-502<\/a><\/td>Deserialization of Untrusted Data<\/td>4.93<\/td><\/tr>
[22]<\/strong><\/td>CWE-269<\/a><\/td>Improper Privilege Management<\/td>4.87<\/td><\/tr>
[23]<\/strong><\/td>CWE-400<\/a><\/td>Uncontrolled Resource Consumption<\/td>4.14<\/td><\/tr>
[24]<\/strong><\/td>CWE-306<\/a><\/td>Missing Authentication for Critical Function<\/td>3.85<\/td><\/tr>
[25]<\/strong><\/td>CWE-862<\/a><\/td>Missing Authorization<\/td>3.77<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

\u53e6\u5916,\u81ea2016\u5e74\u4ee5\u4f86\u4f7f\u7528\u6700\u591a\u768410\u500b\u6f0f\u6d1e<\/p>\n\n\n\n

\u4e09\u500b\u6708\u524d\u76845\u670812\u65e5\uff0c\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u548c\u57fa\u790e\u67b6\u69cb\u5b89\u5168\u5c40\uff08CISA\uff09\u548c\u806f\u90a6\u8abf\u67e5\u5c40\uff08FBI\uff09\u9084\u767c\u5e03\u4e862016\u5e74\u81f32019\u5e74\u9593\u6700\u5e38\u88ab\u5229\u7528\u7684\u5341\u5927\u5b89\u5168\u6f0f\u6d1e\u5217\u8868\u3002<\/p>\n\n\n\n

\u6839\u64da\u5169\u5bb6\u653f\u5e9c\u6a5f\u69cb–\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u548c\u57fa\u790e\u67b6\u69cb\u5b89\u5168\u5c40\uff08CISA\uff09\u548c\u806f\u90a6\u8abf\u67e5\u5c40\uff08FBI\uff09\u81ea2016\u5e74\u4ee5\u4f86\u5c0d\u7db2\u8def\u653b\u64ca\u7684\u5206\u6790\uff0c\u60e1\u610f\u884c\u70ba\u8005\u6700\u7d93\u5e38\u5229\u7528Microsoft\u7684\u5c0d\u8c61\u93c8\u63a5\u548c\u5d4c\u5165\uff08OLE\uff09\u6280\u8853\u4e2d\u7684\u6f0f\u6d1e\uff0c\u5176\u4e2dApache Struts\u7db2\u8def\u6846\u67b6\u662f\u5229\u7528\u7387\u7b2c\u4e8c\u9ad8\u7684\u6280\u8853\u3002<\/p>\n\n\n\n

CISA\u8aaa: \u201c\u5728\u524d10\u540d\u4e2d\uff0c\u4f86\u81ea\u4e2d\u570b\uff0c\u4f0a\u6717\uff0c\u671d\u9bae\u548c\u4fc4\u7f85\u65af\u7684\u570b\u5bb6\u8d0a\u52a9\u7684\u7db2\u8def\u53c3\u8207\u8005\u4e2d\u6700\u5e38\u4f7f\u7528\u7684\u4e09\u500b\u6f0f\u6d1e\u662fCVE-2017-11882\uff0cCVE-2017-0199\u548cCVE-2012-0158\uff0c\u201d\u3002\u201c\u6240\u6709\u9019\u4e09\u500b\u6f0f\u6d1e\u90fd\u8207Microsoft\u7684OLE\u6280\u8853\u6709\u95dc\u3002\u201d<\/p>\n\n\n\n

\u4f8b\u5982\uff0c\u5f9e2018\u5e7412\u6708\u958b\u59cb\uff0c\u4e2d\u570b\u99ed\u5ba2\u5ba2\u5c31\u983b\u7e41\u5229\u7528CVE-2012-0158\uff0c\u9019\u8868\u660e\u76ee\u6a19\u7d44\u7e54\u672a\u91dd\u5c0d\u6b64\u6f0f\u6d1e\u4fee\u88dc\u5176\u7cfb\u7d71\uff0c\u4e26\u4e14\u5a01\u8105\u53c3\u8207\u8005\u53ea\u8981\u767c\u73fe\u6c92\u6709\u4fee\u5fa9\u5c31\u7e7c\u7e8c\u5617\u8a66\u6feb\u7528\u6b64\u5b89\u5168\u6f0f\u6d1e\u3002 \u3002<\/p>\n\n\n\n

CISA\u9084\u8868\u793a\uff0c\u52302020\u5e74\uff0c\u7531\u65bcCOVID-19\u5927\u6d41\u884c\u7a81\u7136\u8f49\u79fb\u5230\u9060\u7aef\u5de5\u4f5c\u3002\u653b\u64ca\u8005\u4e00\u76f4\u5728\u5c08\u6ce8\u65bc\u5229\u7528\u50cfOffice 365\u9019\u6a23\u7684\u96f2\u7aef\u5354\u540c\u670d\u52d9\u7684\u5feb\u901f\u90e8\u7f72\uff0c\u4ee5\u53ca\u5229\u7528\u672a\u4fee\u88dc\u7684Pulse Secure VPN\u6f0f\u6d1e\uff08CVE-2019-11510\uff09\u548cCitrix VPN\uff08CVE-2019-19781\uff09\u3002<\/p>\n\n\n\n

\u81ea2016\u5e74\u4ee5\u4f86\u4f7f\u7528\u6700\u5ee3\u6cdb\u7684\u5341\u5927\u5b89\u5168\u6f0f\u6d1e\u7684\u5b8c\u6574\u5217\u8868\u5217:<\/p>\n\n\n\n

CVE<\/strong><\/td>Associated Malware<\/strong><\/td><\/tr>
CVE-2017-11882<\/a><\/strong><\/td>Loki, FormBook, Pony\/FAREIT<\/td><\/tr>
CVE-2017-0199<\/a><\/strong><\/td>FINSPY, LATENTBOT, Dridex<\/td><\/tr>
CVE-2017-5638<\/a><\/strong><\/td>JexBoss<\/td><\/tr>
CVE-2012-0158<\/a><\/strong><\/td>Dridex<\/td><\/tr>
CVE-2019-0604<\/a><\/strong><\/td>China Chopper<\/td><\/tr>
CVE-2017-0143<\/a><\/strong><\/td>Multiple using the EternalSynergy and EternalBlue Exploit Kit<\/td><\/tr>
CVE-2018-4878<\/a><\/strong><\/td>DOGCALL<\/td><\/tr>
CVE-2017-8759<\/a><\/strong><\/td>FINSPY, FinFisher, WingBird<\/td><\/tr>
CVE-2015-1641<\/a><\/strong><\/td>Toshliph, Uwarrior<\/td><\/tr>
CVE-2018-7600<\/a><\/strong><\/td>Kitty<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

Source: https:\/\/cwe.mitre.org\/top25\/archive\/2020\/2020_cwe_top25.html<\/a><\/p>\n\n\n\n

https:\/\/www.bleepingcomputer.com\/news\/security\/us-govt-shares-list-of-most-exploited-vulnerabilities-since-2016\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

MITRE\u516c\u5e032020\u5e74\u6700\u5371\u96aa\u768425\u500b\u8edf\u9ad4\u932f\u8aa4 \u8edf\u9ad4\u932f\u8aa4\u53ef\u4ee5\u662f\u8edf\u9ad4\u89e3\u6c7a\u65b9\u6848\u7684\u7a0b\u5f0f\u78bc\uff0c\u7d50\u69cb\uff0c\u5be6\u73fe\u6216\u8a2d\u8a08\u4e2d\u767c\u73fe\u7684\u7f3a READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-469","post","type-post","status-publish","format-standard","hentry","category-6"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/469","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=469"}],"version-history":[{"count":3,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/469\/revisions"}],"predecessor-version":[{"id":472,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/469\/revisions\/472"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=469"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=469"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=469"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}