
【Vulnerability Alert】CISA Adds Four Newly Exploited Vulnerabilities to the KEV Catalog (2025/12/01–2025/12/07) (CVE-2025-48633) (CVE-2025-48572) (CVE-2021-26828) (CVE-2025-55182)

Publish date: 2025-12-12 Update date: 2025-12-12

Source: Ministry of Education Information & Communication Security Contingency Platform


Publication Number: TACERT-ANA-2025121001123030
Publication Time: 2025/12/10 13:37
Incident Type: ANA-Vulnerability Alert
Discovery Time: 2025/12/10 13:37
Impact Level: Low
[Subject]
【Vulnerability Alert】CISA Adds Four Newly Exploited Vulnerabilities to the KEV Catalog (2025/12/01–2025/12/07) (CVE-2025-48633) (CVE-2025-48572) (CVE-2021-26828) (CVE-2025-55182)

[Content]
Forwarded from TWCERTCC-200-202512-00000002

【CVE-2025-48633】Android Framework Information Disclosure Vulnerability (CVSS: Not Yet Available)

【Known Ransomware Exploitation: Unknown】 An unspecified vulnerability exists in the Android Framework that may lead to information disclosure.

【CVE-2025-48572】Android Framework Privilege Escalation Vulnerability (CVSS: Not Yet Available)

【Known Ransomware Exploitation: Unknown】 An unspecified vulnerability exists in the Android Framework that may lead to privilege escalation.

【CVE-2021-26828】OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability (CVSS v3.1: 8.8)

【Known Ransomware Exploitation: Unknown】 OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows authenticated remote users to upload and execute arbitrary JSP files through view_edit.shtm.

【CVE-2025-55182】Meta React Server Components Remote Code Execution Vulnerability (CVSS v3.1: 10.0)

【Known Ransomware Exploitation: Unknown】 Meta React Server Components contains a remote code execution vulnerability. An unauthenticated attacker can achieve remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints.

Information Sharing Level: WHITE (Information content can be publicly disclosed)

[Affected Platform]
【CVE-2025-48633】Please refer to the affected versions listed by the official source: https://source.android.com/docs/security/bulletin/2025-12-01

【CVE-2025-48572】Please refer to the affected versions listed by the official source: https://source.android.com/docs/security/bulletin/2025-12-01

【CVE-2021-26828】OpenPLC ScadaBR for Linux, versions up to and including 0.9.1; OpenPLC ScadaBR for Windows, versions up to and including 1.12.4

【CVE-2025-55182】Please refer to the affected versions listed by the official source: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components

[Recommended Actions]
【CVE-2025-48633】The vendor has released a patch for the vulnerability. Please update to the relevant versions: https://source.android.com/docs/security/bulletin/2025-12-01

【CVE-2025-48572】The vendor has released a patch for the vulnerability. Please update to the relevant versions: https://source.android.com/docs/security/bulletin/2025-12-01

【CVE-2021-26828】Upgrade the affected product to a version later than the listed threshold: OpenPLC ScadaBR for Linux to a version later than 0.9.1; OpenPLC ScadaBR for Windows to a version later than 1.12.4

【CVE-2025-55182】The vendor has released a patch for the vulnerability. Please update to the relevant versions: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components

[Reference]
 
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of Education Information & Communication Security Contingency Platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center