【Vulnerability Alert】CISA Adds 13 Newly Exploited Vulnerabilities to KEV Catalog (2025/03/10 - 2025/03/16)

Publish date: 2025-03-21  Update date: 2025-03-21

Source: Ministry of Education Information & Communication Security Contingency Platform

Publication Number: TACERT-ANA-2025031811031717  Publication Time: 2025/03/18 11:12
Incident Type: ANA-Vulnerability Alert  Discovery Time: 2025/03/18 11:12
Impact Level: Low
[Subject]
【Vulnerability Alert】CISA Adds 13 Newly Exploited Vulnerabilities to KEV Catalog (2025/03/10 - 2025/03/16)
[Content]
Forwarded from TWCERTCC-200-202503-00000006

[CVE-2024-13161] Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability (CVSS v3.1: 9.8)
[Ransomware Exploitation: Unknown]
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability, allowing remote unauthenticated attackers to disclose sensitive information.
[Affected Platforms] Please refer to the official list of affected versions:
https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US

[CVE-2024-13160] Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability (CVSS v3.1: 9.8)
[Ransomware Exploitation: Unknown]
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability, allowing remote unauthenticated attackers to disclose sensitive information.
[Affected Platforms] Please refer to the official list of affected versions:
https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US

[CVE-2024-13159] Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability (CVSS v3.1: 9.8)
[Ransomware Exploitation: Unknown]
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability, allowing remote unauthenticated attackers to disclose sensitive information.
[Affected Platforms] Please refer to the official list of affected versions:
https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US

[CVE-2024-57968] Advantive VeraCore Unrestricted File Upload Vulnerability (CVSS v3.1: 9.9)
[Ransomware Exploitation: Unknown]
Advantive VeraCore contains an unrestricted file upload vulnerability, allowing remote unauthenticated attackers to upload files to unintended directories via upload.apsx.
[Affected Platforms] Versions prior to Advantive VeraCore 2024.4.2.1

[CVE-2025-25181] Advantive VeraCore SQL Injection Vulnerability (CVSS v3.1: 5.8)
[Ransomware Exploitation: Unknown]
Advantive VeraCore contains an SQL injection vulnerability in timeoutWarning.asp, allowing remote attackers to execute arbitrary SQL commands via the PmSess1 parameter.
[Affected Platforms] Versions prior to and including Advantive VeraCore 2025.1.0
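
Checking an installed build against the two VeraCore ranges above is easy to get wrong at the boundary: CVE-2024-57968 covers versions prior to 2024.4.2.1 (the fixed release itself is clean), while CVE-2025-25181 covers versions up to and including 2025.1.0. The following Python is an added example written for this page, not part of the TACERT/TWCERTCC bulletin or any Advantive tooling; the installed version strings are constructed for illustration, and only the two ranges and CVE identifiers are taken from the text above. The helper generalises to any advisory range phrased as "prior to" or "prior to and including".

```python
"""Compare an installed product version against advisory-style affected ranges.

Added example (not from the bulletin). The AffectedRange entries below transcribe
the two VeraCore ranges stated in the advisory; installed versions are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class AffectedRange:
    cve: str
    product: str
    upper: str        # boundary version named in the advisory
    inclusive: bool   # True for "prior to and including", False for "prior to"


def parse_version(version: str) -> list[int]:
    """Split a dotted version such as '2025.1.0' into its numeric components."""
    return [int(part) for part in version.strip().split(".")]


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 as a is lower than, equal to, or higher than b.

    Both sides are right-padded with zeros so that '2025.1' == '2025.1.0.0';
    a plain string comparison would get '2024.4.2.10' vs '2024.4.2.9' wrong.
    """
    pa, pb = parse_version(a), parse_version(b)
    width = max(len(pa), len(pb))
    pa += [0] * (width - len(pa))
    pb += [0] * (width - len(pb))
    return (pa > pb) - (pa < pb)


def is_affected(installed: str, rng: AffectedRange) -> bool:
    """Apply the advisory's boundary wording: '<' for exclusive, '<=' for inclusive."""
    cmp = compare_versions(installed, rng.upper)
    return cmp <= 0 if rng.inclusive else cmp < 0


# Ranges as stated in the advisory for the two Advantive VeraCore entries.
VERACORE_RANGES = [
    AffectedRange("CVE-2024-57968", "Advantive VeraCore", "2024.4.2.1", inclusive=False),
    AffectedRange("CVE-2025-25181", "Advantive VeraCore", "2025.1.0", inclusive=True),
]


def exposed_cves(installed: str, ranges=VERACORE_RANGES) -> list[str]:
    """List the CVE identifiers whose affected range still contains this version."""
    return [r.cve for r in ranges if is_affected(installed, r)]


if __name__ == "__main__":
    # Constructed sample inventory: (host label, installed VeraCore version)
    inventory = [("warehouse-app-01", "2024.4.2.0"),
                 ("warehouse-app-02", "2025.1.0"),
                 ("warehouse-app-03", "2025.1.1.3")]
    for host, version in inventory:
        cves = exposed_cves(version)
        status = ", ".join(cves) if cves else "not in any listed range"
        print(f"{host} ({version}): {status}")
```

A build on 2025.1.0 is reported as still exposed to CVE-2025-25181 because the advisory's wording is inclusive there, whereas 2024.4.2.1 is reported clean for CVE-2024-57968 because that range is exclusive; the numeric comparison also avoids the lexicographic trap where "10" sorts before "9".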

[CVE-2025-24993] Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability (CVSS v3.1: 7.8)
[Ransomware Exploitation: Unknown]
Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability, allowing unauthorized attackers to execute code locally.
[Affected Platforms] Please refer to the official list of affected versions:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24993

[CVE-2025-24991] Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability (CVSS v3.1: 5.5)
[Ransomware Exploitation: Unknown]
Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability, allowing authorized attackers to disclose information locally.
[Affected Platforms] Please refer to the official list of affected versions:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24991

[CVE-2025-24985] Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability (CVSS v3.1: 7.8)
[Ransomware Exploitation: Unknown]
Microsoft Windows Fast FAT file system driver contains an integer overflow vulnerability, allowing unauthorized attackers to execute code locally.
[Affected Platforms] Please refer to the official list of affected versions:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985

[CVE-2025-24984] Microsoft Windows NTFS Information Disclosure Vulnerability (CVSS v3.1: 4.6)
[Ransomware Exploitation: Unknown]
Microsoft Windows New Technology File System (NTFS) contains a vulnerability where sensitive information is inserted into log files, allowing unauthorized attackers to disclose information through physical attacks.
Successful exploitation may allow attackers to read portions of heap memory.
[Affected Platforms] Please refer to the official list of affected versions:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24984

[CVE-2025-24983] Microsoft Windows Win32k Use-After-Free Vulnerability (CVSS v3.1: 7.0)
[Ransomware Exploitation: Unknown]
Microsoft Windows Win32 kernel subsystem contains a use-after-free vulnerability, allowing authorized attackers to escalate privileges locally.
[Affected Platforms] Please refer to the official list of affected versions:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983

[CVE-2025-26633] Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability (CVSS v3.1: 7.0)
[Ransomware Exploitation: Unknown]
Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability, allowing unauthorized attackers to bypass security features locally.
[Affected Platforms] Please refer to the official list of affected versions:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26633

[CVE-2025-21590] Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability (CVSS v3.1: 6.7)
[Ransomware Exploitation: Unknown]
Juniper Junos OS contains an improper isolation or compartmentalization vulnerability, potentially allowing high-privilege local attackers to inject arbitrary code.
[Affected Platforms] Please refer to the official list of affected versions:
https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bulletin-Junos-OS-A-local-attacker-with-shell-access-can-execute-arbitrary-code-CVE-2025-21590?language=en_US

[CVE-2025-24201] Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability (CVSS v3.1: 8.8)
[Ransomware Exploitation: Unknown]
Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit, potentially allowing maliciously crafted web content to bypass the Web Content sandbox.
This vulnerability may impact HTML parsers using WebKit, including but not limited to Apple Safari and non-Apple products relying on WebKit for HTML processing.
[Affected Platforms] Please refer to the official list of affected versions:
https://support.apple.com/en-us/122281
https://support.apple.com/en-us/122283
https://support.apple.com/en-us/122284
https://support.apple.com/en-us/122285

Information Sharing Level: WHITE (Information content can be publicly disclosed)
[Affected Platform]
Details on affected platforms can be found in the description section.
[Recommended Actions]
[CVE-2024-13161]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US

[CVE-2024-13160]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US

[CVE-2024-13159]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6?language=en_US

[CVE-2024-57968]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://advantive.my.site.com/support/s/article/VeraCore-Release-Notes-2024-4-2-1

[CVE-2025-25181]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://advantive.my.site.com/support/s/article/Veracore-Release-Notes-2025-1-1-3

[CVE-2025-24993]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24993

[CVE-2025-24991]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24991

[CVE-2025-24985]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985

[CVE-2025-24984]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24984

[CVE-2025-24983]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983

[CVE-2025-26633]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26633

[CVE-2025-21590]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bulletin-Junos-OS-A-local-attacker-with-shell-access-can-execute-arbitrary-code-CVE-2025-21590?language=en_US

[CVE-2025-24201]
The official patch has been released for this vulnerability. Please update to the relevant version.
https://support.apple.com/en-us/122281
https://support.apple.com/en-us/122283
https://support.apple.com/en-us/122284
https://support.apple.com/en-us/122285
[Reference]
(This notification is for informational purposes only and does not constitute a cybersecurity incident.)
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of Education Information & Communication Security Contingency Platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center