Source: Ministry of education information & communication security contingency platform
| Publication Number | TACERT-ANA-2025122401121919 | Publication Time | 2025/12/24 13:28 |
| --- | --- | --- | --- |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2025/12/24 13:28 |
| Impact Level | Low | | |

[Subject] 【Vulnerability Alert】CISA Adds Seven Known Exploited Vulnerabilities to the KEV Catalog (2025/12/15–2025/12/21)

[Content]

- 【Whether Ransomware Exploitation Occurred: Unknown】 Gladinet CentreStack and TrioFox contain a hard-coded cryptographic key vulnerability arising from the implementation of their AES encryption scheme. The vulnerability weakens the security of publicly exposed endpoints and, if specially crafted requests are accepted without authentication, may lead to arbitrary local file inclusion.
- 【CVE-2025-43529】Apple Multiple Products Use-After-Free WebKit Vulnerability (CVSS v3.1: 8.8)
  【Whether Ransomware Exploitation Occurred: Unknown】 A use-after-free vulnerability exists in WebKit in Apple iOS, iPadOS, macOS, and other Apple products. Processing maliciously crafted web content may lead to memory corruption. The vulnerability may affect all HTML parsers built on WebKit, including but not limited to Apple Safari and non-Apple products that rely on WebKit for HTML processing.
- 【CVE-2025-59718】Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability (CVSS v3.1: 9.8)
  【Whether Ransomware Exploitation Occurred: Unknown】 Fortinet FortiOS, FortiSwitchManager, FortiProxy, and FortiWeb contain an improper cryptographic signature verification vulnerability. It may allow unauthenticated attackers to bypass FortiCloud SSO login authentication through specially crafted SAML messages. Note that CVE-2025-59719 involves the same issue and is covered by the same vendor advisory; be sure to apply all patches listed in that advisory.
- 【CVE-2025-59374】ASUS Live Update Embedded Malicious Code Vulnerability (CVSS v3.1: 9.8)
  【Whether Ransomware Exploitation Occurred: Unknown】 ASUS Live Update contains an embedded malicious code vulnerability. The client was previously modified and released without authorization as a result of a compromised supply chain. The modified version may cause devices that match specific targeting conditions to perform unintended actions. The affected products may have reached End of Life (EoL) and/or End of Service (EoS); users are advised to immediately discontinue use of this product.
- 【CVE-2025-40602】SonicWall SMA1000 Missing Authorization Vulnerability (CVSS v3.1: 6.6)
  【Whether Ransomware Exploitation Occurred: Unknown】 A missing authorization vulnerability exists in SonicWall SMA1000, which may lead to privilege escalation in the affected device's Appliance Management Console (AMC).
- 【CVE-2025-20393】Cisco Multiple Products Improper Input Validation Vulnerability (CVSS v3.1: 10.0)
  【Whether Ransomware Exploitation Occurred: Unknown】 An improper input validation vulnerability exists in Cisco Secure Email Gateway, Secure Email, AsyncOS software, and Web Manager appliances. It may allow threat actors to execute arbitrary commands with root privileges on the underlying operating system of affected devices.
- 【CVE-2025-14733】WatchGuard Firebox Out-of-Bounds Write Vulnerability (CVSS v3.1: 9.8)
  【Whether Ransomware Exploitation Occurred: Unknown】 An out-of-bounds write vulnerability exists in the iked process of WatchGuard Fireware OS. It may allow unauthenticated remote attackers to execute arbitrary code, and affects IKEv2 mobile user VPNs as well as branch office VPNs using IKEv2 that are configured with dynamic gateway peers.

[Affected Platform]

- 【CVE-2025-43529】Please refer to the affected versions listed by the official sources:
  https://support.apple.com/en-us/125884
  https://support.apple.com/en-us/125885
  https://support.apple.com/en-us/125886
  https://support.apple.com/en-us/125889
  https://support.apple.com/en-us/125890
  https://support.apple.com/en-us/125891
  https://support.apple.com/en-us/125892
- 【CVE-2025-59718】Please refer to the affected versions listed by the official source:
  https://fortiguard.fortinet.com/psirt/FG-IR-25-647
- 【CVE-2025-59374】Please refer to the affected versions listed by the official source:
  https://www.asus.com/news/hqfgvuyz6uyayje1/
- 【CVE-2025-40602】Please refer to the affected versions listed by the official source:
  https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019
- 【CVE-2025-20393】Please refer to the affected versions listed by the official source:
  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4
- 【CVE-2025-14733】Please refer to the affected versions listed by the official source:
  https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027

[Recommended Actions]

- 【CVE-2025-43529】The vendor has released security fixes for this vulnerability. Please update to the relevant versions:
  https://support.apple.com/en-us/125884
  https://support.apple.com/en-us/125885
  https://support.apple.com/en-us/125886
  https://support.apple.com/en-us/125889
  https://support.apple.com/en-us/125890
  https://support.apple.com/en-us/125891
  https://support.apple.com/en-us/125892
- 【CVE-2025-59718】The vendor has released security fixes for this vulnerability. Please update to the relevant versions:
  https://fortiguard.fortinet.com/psirt/FG-IR-25-647
- 【CVE-2025-59374】The vendor has released security fixes for this vulnerability. Please update to the relevant versions:
  https://www.asus.com/news/hqfgvuyz6uyayje1/
- 【CVE-2025-40602】The vendor has released security fixes for this vulnerability. Please update to the relevant versions:
  https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019
- 【CVE-2025-20393】The vendor has released security fixes for this vulnerability. Please update to the relevant versions:
  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4
- 【CVE-2025-14733】The vendor has released security fixes for this vulnerability. Please update to the relevant versions:
  https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027

[Reference]