현재 자주 악용되고 있는 취약점 목록으로, 취약한 버전의 SW를 사용 중인 경우 긴급 패치를 권고 드립니다. * 참조 링크 : https://www.cisa.gov/known-exploited-vulnerabilities-catalog| cveID | vendorProject | vulnerabilityName | dateAdded | shortDescription | requiredAction | dueDate |
|---|
| CVE-2013-3893 | Microsoft | Microsoft Internet Explorer Resource Management Errors Vulnerability | 2025-08-12 | Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code execution. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization. | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | 2025-09-02 |
|---|
| CVE-2007-0671 | Microsoft | Microsoft Office Excel Remote Code Execution Vulnerability | 2025-08-12 | Microsoft Office Excel contains a remote code execution vulnerability that can be exploited when a specially crafted Excel file is opened. This malicious file could be delivered as an email attachment or hosted on a malicious website. An attacker could leverage this vulnerability by creating a specially crafted Excel file, which, when opened, allowing an attacker to execute remote code on the affected system. | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | 2025-09-02 |
|---|
| CVE-2025-8088 | RARLAB | RARLAB WinRAR Path Traversal Vulnerability | 2025-08-12 | RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files. | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | 2025-09-02 |
|---|
|
|
로그인
보안공지