SAP patches a second zero-day vulnerability exploited in recent attacks

Published 19 May 2025 (updated 10 June 2025). Source: https://antoanthongtinhaiphong.gov.vn/sap-va-lo-hong-zero-day-thu-hai-bi-khai-thac-trong-cac-cuoc-tan-cong-gan-day/

Software company SAP has released a patch to address a second vulnerability that was exploited as a zero-day in recent attacks targeting SAP NetWeaver servers.

The company released a security update for CVE-2025-42999 on 12 May and said it discovered the flaw while investigating zero-day attacks involving another unauthenticated file upload vulnerability (tracked as CVE-2025-31324) in SAP NetWeaver Visual Composer, which was fixed in April. "SAP has addressed the vulnerabilities in SAP NETWEAVER Visual Composer. We recommend that all customers using SAP NETWEAVER install these patches to protect themselves," an SAP representative said.

US cybersecurity company ReliaQuest first detected attacks exploiting CVE-2025-31324 in April, reporting that threat actors had uploaded JSP webshells to publicly accessible directories and deployed the Brute Ratel tool after compromising customer systems through unauthorized file uploads to SAP NetWeaver. The affected instances were fully patched, indicating that the attackers had used a zero-day vulnerability.

This malicious activity was also confirmed by the cybersecurity companies watchTowr and Onapsis. These US companies likewise observed attackers uploading webshell backdoors to unpatched instances found online. Security firm Forescout (US) has linked some of these attacks to a Chinese threat actor that it tracks as Chaya_004.

Patrice Auffret, CTO of Onyphe, told BleepingComputer at the end of April: "Around 20 Fortune 500/Global 500 companies are vulnerable, and many of them have been compromised," adding that there were 1,284 vulnerable instances online at that time, 474 of which had already been compromised. The Shadowserver Foundation is currently tracking more than 2,040 Internet-connected SAP NetWeaver servers that are vulnerable.

[Image: Geographic distribution of vulnerable SAP NetWeaver servers exposed online (source: Shadowserver Foundation)]

While SAP has not confirmed that CVE-2025-42999 has been exploited in the wild, Onapsis CTO Juan Pablo Perez-Etchegoyen believes attackers have chained both security flaws in attacks since January 2025. Perez-Etchegoyen said: "The attacks we observed in March 2025 were in fact leveraging both vulnerabilities, CVE-2025-31324 and CVE-2025-42999. This combination allows an attacker to execute arbitrary commands remotely without any privileges on the system."

SAP administrators are advised to patch their NetWeaver instances immediately and to consider disabling the Visual Composer service where possible, as well as restricting access to the metadata upload services and monitoring their servers for suspicious activity.

Since the attacks began, the US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31324 to its Known Exploited Vulnerabilities (KEV) catalog, requiring US federal agencies to secure their systems before 20 May. CISA warned: "These types of vulnerabilities are frequent targets of attackers and pose significant risks to the federal enterprise."