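Updated: 2025/06/19 09:09:51
Published: 2025/06/19 09:09:50
TLP: (White)
May be distributed publicly, provided that copyright law and other applicable regulations are not violated.
Update notes: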
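I. Vulnerability description [1]
Windows Web Distributed Authoring and Versioning (WebDAV) is an HTTP-based extension protocol that lets users remotely edit and manage documents through a web server. A security vendor [2] recently found that some Windows system executables have a weakness in how they handle the working directory. An attacker can use phishing e-mail to send a specially crafted .url file; when it is executed, the working directory is pointed at a remote WebDAV server path that hosts malicious programs, and a legitimate program is used as a springboard to load and execute the malicious program from that remote directory. This weakness lets an attacker achieve remote code execution without writing a malicious file to the victim system's local disk.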
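A triage check for the pattern described above, as an added example (not from this advisory or the vendor report): it parses the contents of a .url file and flags a `WorkingDirectory` that points at a UNC or WebDAV location. The sample shortcuts, the host names and `example-tool.exe` are constructed; `URL` and `WorkingDirectory` are the standard keys of the `[InternetShortcut]` section.

```python
import configparser
import re

# Remote locations: UNC path (\\host\...) or an http(s) URL.
REMOTE_DIR = re.compile(r"^(\\\\[^\\]+\\|https?://)", re.IGNORECASE)
# WebDAV redirector forms: \\host@SSL\..., \\host@8080\..., ...\DavWWWRoot\...
WEBDAV_HINT = re.compile(r"^\\\\[^\\]*@(ssl|\d+)|\\davwwwroot(\\|$)", re.IGNORECASE)

# Constructed samples (not taken from any real campaign).
SUSPICIOUS_SAMPLE = r"""[InternetShortcut]
URL=C:\Windows\System32\example-tool.exe
WorkingDirectory=\\webdav.example.test@SSL@443\DavWWWRoot\docs
"""
BENIGN_SAMPLE = r"""[InternetShortcut]
URL=https://www.example.test/
"""


def inspect_url_shortcut(text):
    """Return a list of findings for the contents of one .url file."""
    parser = configparser.RawConfigParser(delimiters=("=",), strict=False)
    try:
        parser.read_string(text)
    except configparser.Error as exc:
        # Malformed shortcuts are worth a manual look rather than a silent pass.
        return [f"unparseable shortcut: {exc.__class__.__name__}"]
    section = next(
        (s for s in parser.sections() if s.lower() == "internetshortcut"), None
    )
    if section is None:
        return []
    # Option names are lower-cased by configparser.
    workdir = parser.get(section, "workingdirectory", fallback="").strip().strip('"')
    target = parser.get(section, "url", fallback="").strip()
    findings = []
    if REMOTE_DIR.match(workdir):
        kind = "WebDAV" if WEBDAV_HINT.search(workdir) else "remote"
        findings.append(f"{kind} working directory: {workdir}")
        # A non-web target means a local program starts inside the remote folder.
        if not re.match(r"^https?://", target, re.IGNORECASE):
            findings.append(f"local target runs with remote working directory: {target}")
    return findings


if __name__ == "__main__":
    for name, sample in (("suspicious", SUSPICIOUS_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(name, inspect_url_shortcut(sample))
```

The same function can be run over .url attachments extracted at the mail gateway or over shortcut files collected from user download folders.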
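II. Publicly disclosed exploit code
1. The security vendor [2] has published how the vulnerability is exploited and has provided related IoC information (for example hashes and domains).
2. CISA has added it to its Known Exploited Vulnerabilities catalog [3]; patching should be prioritized.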
▶ Vulnerability information
Name: CVE-2025-33053
CVSS vector:
Description:
Version used: CVSS 3.1
Score: 8.8
Source: Microsoft
▶ Affected platforms
Affected platforms (systems):
Affected versions include Windows Server 2008 through Windows Server 2025, as well as Windows 10 and Windows 11.
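▶ Recommended actions
1. Microsoft released a fix in its June 2025 regular security updates. Members are advised to evaluate it under their organization's existing vulnerability-management process and then carry out the related work.
2. The vendor states that some KBs in this update affect the DHCP Server service on most Windows Server versions [4-6], and no schedule for an update has been released yet. Members should review this before evaluating the patching work.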
▶ IoC data fields
▶ References
| No. | URL | Description |
|---|---|---|
| 1 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33053 | Microsoft |
| 2 | https://research.checkpoint.com/2025/stealth-falcon-zero-day/ | Check Point Research |
| 3 | https://www.cisa.gov/known-exploited-vulnerabilities-catalog | CISA |
| 4 | https://support.microsoft.com/en-us/topic/june-10-2025-kb5061010-os-build-14393-8148-6766ca26-dc1e-4592-b959-d0c92d6deb6f | Microsoft |
| 5 | https://support.microsoft.com/en-gb/topic/june-10-2025-kb5060531-os-build-17763-7434-32fce7e7-305d-4d32-913f-3fdc0709a763 | Microsoft |
| 6 | https://support.microsoft.com/en-us/topic/june-10-2025-kb5060526-os-build-20348-3807-4e9453c4-6602-48ea-b349-689cd66dfdb9 | Microsoft |
Intelligence ID: FISAC-200-202506-0001
System category: Security vulnerabilities
Security category: Vulnerability advisory
Impact level: 3
Keywords: Vulnerabilities