Microsoft의 June 2025 Patch Tuesday에서 65개 CVE에 대응 (CVE-2025-33053)
Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild....
BadSuccessor에 대해 자주 묻는 질문
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller....
CVE-2025-32756: 다수의 Fortinet 제품에서 제로데이 취약성이 널리 악용됨
Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera....
CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) 원격 코드 실행
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
Microsoft의 May 2025 Patch Tuesday에서 71개 CVE(CVE-2025-32701, CVE-2025-32706, CVE-2025-30400)에 대응
Microsoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild....
수정 시간 단축이 여전히 도전 과제: Tenable Vulnerability Watch가 도움이 되는 방식
조직의 운영에 가장 큰 위험이 되는 노출의 우선 순위를 지정하는 데 어려움을 겪고 있으므로 적시에 취약성 수정은 조직에게 계속해서 도전 과제가 됩니다. 기존 점수 시스템은 중요하지만 컨텍스트가 부족할 수 있습니다. Tenable의 Vulnerability Watch 분류가 도움이 될 수 있는 방식...
CVE-2025-31324: SAP NetWeaver의 제로데이 취약성이 널리
SAP에서는 위협 행위자들이 악용하고 있는 SAP NetWeaver에 중요 제로데이 취약성, CVE-2025-31324를 해결하는 특별 패치를 배포했습니다. 가능한 조기에 패치를 적용할 것을 강력하게 권장합니다....
CVE-2025-32433: Erlang/OTP SSH 인증되지 않은 원격 코드 실행 취약성
Proof-of-concept code has been released after researchers disclosed a maximum severity remote code execution vulnerability in Erlang/OTP SSH. Successful exploitation could allow for complete takeover of affected devices....
MITRE CVE 프로그램 만료 및 갱신에 대해 자주 묻는 질문
Concerns about the future of the MITRE CVE Program continue to circulate. The Tenable Security Response Team has created this FAQ to help provide clarity and context around this developing situation....
Oracle April 2025 중요 패치 업데이트에서 171개 CVE에 대응
Oracle addresses 171 CVEs in its second quarterly update of 2025 with 378 patches, including 40 critical updates.BackgroundOn April 15, Oracle released its Critical Patch Update (CPU) for April 2025, the second quarterly update of the year. This CPU contains fixes for 171 unique CVEs in 378 security...
MITRE CVE 프로그램 자금 지원 1년 연장
MITRE’s CVE program has been an important pillar in cybersecurity for over two decades. While CISA secured funding on April 16 to extend the program for the next year, the lack of clarity surrounding its long-term future creates great uncertainty about how newly discovered vulnerabilities will be ca...
Microsoft의 April 2025 Patch Tuesday에서 121개 CVE에 대응(CVE-2025-29824)
Microsoft addresses 121 CVEs including one zero-day which was exploited in the wild....