政府電腦保安事故協調中心 - 保安警報 (A26-03-03): Cisco 產品多個漏洞

描述:

Cisco 發布了安全性更新，以應對數個 Cisco 裝置及軟件的多個漏洞。有關漏洞及攻擊向量的資料，請參閱供應商網站的相應安全公告。

受影響的系統:

Cisco IOS XE Software
Cisco FirePOWER Services
Cisco Open Source Snort 3
Cisco Secure Endpoint Connector
Cisco Secure Endpoint Cloud
Cisco Secure Firewall Adaptive Security Appliance Software
Cisco Secure Firewall Management Center Software
Cisco Secure Firewall Threat Defense Software
Cisco Security Cloud Control Firewall Management
Cisco Webex

有關受影響產品的詳細資料，請參閱供應商網站的相應安全公告中有關 “Affected Products” 的部分。

影響:

成功利用漏洞可以導致受影響的系統發生遠端執行程式碼、服務被拒絕、權限提升、泄漏資訊、繞過保安限制、仿冒詐騙或篡改，視乎攻擊者利用哪些漏洞而定。

建議:

現已有適用於受影響系統的軟件更新。受影響系統的系統管理員應遵從產品供應商的建議，立即採取行動以降低風險。有關修補程式的詳細資料，請參閱供應商網站的相應安全公告中有關 “Fixed Software” 的部分。

系統管理員可聯絡其產品支援供應商，以取得修補程式及有關支援。

進一步資訊:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-FCvLD6vR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-scpcxt-filecpy-rgeP73nE
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-keybypass-cr5xPUSf
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-aclbypass-dos-CVxVRSvQ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-desync-n5AVzEQw
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-esp-dos-uv7yD8P5
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-eBueGdEG
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-luainject-VescqgmS
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospf-ZH8PhbSW
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-LktTrwZP
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-dos-SpOFF2Re
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-m9sx6MbC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-xss-uwjc4HR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-css-Fn4QSZ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inject-S9ZM4EJf
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-injection-2qH6CcJd
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dnd-dos-bpEcg7B7
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-bypass-rLggKzVF
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-vbavuls-96UcVVed
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3ssl-FBEKYXpH
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-rHfqnwRg
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dir-trav-wERgjhWq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-multi-dos-XFWkWSwz
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-TZFTbbwN
https://www.hkcert.org/tc/security-bulletin/cisco-products-multiple-vulnerabilities_20260305
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20001 (to CVE-2026-20003)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20005 (to CVE-2026-20009)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20013 (to CVE-2026-20018)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20020 (to CVE-2026-20025)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20039
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20049 (to CVE-2026-20050)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20052 (to CVE-2026-20054)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20057 (to CVE-2026-20058)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20062 (to CVE-2026-20070)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20073
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20079
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20082
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20100 (to CVE-2026-20103)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20105 (to CVE-2026-20106)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20149

標籤 : Cisco , Cisco IOS , Cisco Firepower , Cisco Open Source Snort , Cisco Secure Endpoint , Cisco Secure Firewall , Cisco SCC Firewall Management