{"id":3572,"date":"2025-03-19T21:49:44","date_gmt":"2025-03-19T21:49:44","guid":{"rendered":"https:\/\/securitybriefing.net\/?p=3572"},"modified":"2025-03-19T21:49:48","modified_gmt":"2025-03-19T21:49:48","slug":"cisa-%ea%b0%80%ec%9e%a5-%ec%9c%84%ed%97%98%ed%95%9c-%ec%b7%a8%ec%95%bd%ec%a0%90-%eb%aa%a9%eb%a1%9d%ec%97%90-%ec%84%b8-%ea%b0%80%ec%a7%80-%ec%83%88%eb%a1%9c%ec%9a%b4-%ec%b7%a8%ec%95%bd%ec%a0%90","status":"publish","type":"post","link":"https:\/\/securitybriefing.net\/ko\/%eb%89%b4%ec%8a%a4\/cisa-%ea%b0%80%ec%9e%a5-%ec%9c%84%ed%97%98%ed%95%9c-%ec%b7%a8%ec%95%bd%ec%a0%90-%eb%aa%a9%eb%a1%9d%ec%97%90-%ec%84%b8-%ea%b0%80%ec%a7%80-%ec%83%88%eb%a1%9c%ec%9a%b4-%ec%b7%a8%ec%95%bd%ec%a0%90\/","title":{"rendered":"CISA, \"\uac00\uc7a5 \uc704\ud5d8\ud55c\" \ubaa9\ub85d\uc5d0 \uc138 \uac00\uc9c0 \uc0c8\ub85c\uc6b4 \ucde8\uc57d\uc810\uc744 \ucd94\uac00\ud569\ub2c8\ub2e4: \uc54c\uc544\uc57c \ud560 \uc0ac\ud56d"},"content":{"rendered":"

\uc0ac\uc774\ubc84 \ubcf4\uc548 \ubc0f \uc778\ud504\ub77c \ubcf4\uc548 \uae30\uad00(CISA)\uc740 \ucd5c\uadfc \ud574\ucee4\ub4e4\uc774 \uc2dc\uc2a4\ud15c \ud574\ud0b9\uc5d0 \uc545\uc6a9\ud558\uace0 \uc788\ub294 \uc138 \uac00\uc9c0 \uc0c8\ub85c\uc6b4 \ubcf4\uc548 \ucde8\uc57d\uc810\uc774 \ud3ec\ud568\ub41c \ucd5c\uc2e0 \uc54c\ub824\uc9c4 \uc775\uc2a4\ud50c\ub85c\uc787 \ucde8\uc57d\uc810(KEV) \uce74\ud0c8\ub85c\uadf8\ub97c \ubc1c\ud45c\ud588\uc2b5\ub2c8\ub2e4. \uc774 \uacf5\uc9c0\uc758 \uc911\uc694\uc131\uc740 CISA\uc758 \uacbd\uace0\uac00 \uc774\ub860\uc801\uc778 \uc0c1\ud669\uc744 \ub098\ud0c0\ub0b4\ub294 \uac83\uc774 \uc544\ub2c8\ub77c \uc2e4\uc81c \uacf5\uaca9\uc5d0 \uc545\uc6a9\ub418\uace0 \uc788\ub2e4\ub294 \uc810\uc5d0\uc11c \ud655\uc2e4\ud55c \ucde8\uc57d\uc810\uc774\ub77c\ub294 \uc0ac\uc2e4\uc5d0 \uadfc\uac70\ud569\ub2c8\ub2e4.<\/p>\n\n\n

\ubb34\uc5c7\uc774 \ucd94\uac00\ub418\uc5c8\ub098\uc694?<\/strong><\/h2>\n\n\n

\uc774 \uc138 \uac00\uc9c0 \ucde8\uc57d\uc810\uc744 \uc77c\uc0c1\uc801\uc778 \uc5b8\uc5b4\ub85c \ubc88\uc5ed\ud574 \ubcf4\uaca0\uc2b5\ub2c8\ub2e4:<\/p>\n\n\n

1. \uc5d0\ub514\ub9e5\uc2a4 IP \uce74\uba54\ub77c \ucde8\uc57d\uc810(CVE-2025-1316)<\/strong><\/h2>\n\n\n
\"\uc5d0\ub514\ub9e5\uc2a4<\/figure>\n\n\n\n

\uc5d0\uc11c \uc5b8\uae09\ub41c \ubcf4\uc548 \ubb38\uc81c\ub294 Edimax IC-7100 \ubcf4\uc548 \uce74\uba54\ub77c<\/a> \ub294 \uc18c\uc704 \"\uba85\ub839 \uc778\uc81d\uc158\"\uc744 \uc758\ubbf8\ud569\ub2c8\ub2e4. \uacf5\uaca9\uc790\ub294 \uce74\uba54\ub77c\uac00 \uc720\ud574\ud55c \ucf54\ub4dc\ub97c \uc2e4\ud589\ud558\ub3c4\ub85d \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc9d1\uc774\ub098 \uc0ac\ubb34\uc2e4\uc5d0 \uc774\ub7ec\ud55c \uce74\uba54\ub77c\ub97c \uc124\uce58\ud558\uba74 \uad8c\ud55c\uc774 \uc5c6\ub294 \uc0ac\uc6a9\uc790\uac00 \uce74\uba54\ub77c \ud53c\ub4dc\uc5d0 \uc561\uc138\uc2a4\ud558\uc5ec \uc124\uc815\uc744 \ubcc0\uacbd\ud558\uac70\ub098 \ub124\ud2b8\uc6cc\ud06c\uc758 \ub2e4\ub978 \ub514\ubc14\uc774\uc2a4\ub97c \uacf5\uaca9\ud558\ub294 \ub370 \uc0ac\uc6a9\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n

2. \ub098\ud0a4\ubcf4 \ubc31\uc5c5 \uc18c\ud504\ud2b8\uc6e8\uc5b4 \ucde8\uc57d\uc810(CVE-2024-48248)<\/strong><\/h2>\n\n\n
\"\ub098\ud0a4\ubcf4<\/figure>\n\n\n\n

\ub098\ud0a4\ubcf4<\/a> \ub294 \ub9ce\uc740 \uae30\uc5c5\uc5d0\uc11c \ub370\uc774\ud130 \ubcf4\ud638\ub97c \uc704\ud574 \uc0ac\uc6a9\ud558\ub294 \ubc31\uc5c5 \ubc0f \ubcf5\uad6c \uc194\ub8e8\uc158\uc744 \uac1c\ubc1c\ud569\ub2c8\ub2e4. \ubb38\uc81c\uc758 \uacb0\ud568\uc744 \"\uc808\ub300 \uacbd\ub85c \ud0d0\uc0c9<\/a>'\ub97c \ud1b5\ud574 \uacf5\uaca9\uc790\uac00 \ubcfc \uc218 \uc5c6\ub294 \ud30c\uc77c\uc5d0 \uc561\uc138\uc2a4\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774\ub294 \ubc31\uc5c5\uc5d0 \ubbfc\uac10\ud55c \ub370\uc774\ud130\uac00 \ud3ec\ud568\ub418\ub294 \uacbd\uc6b0\uac00 \ub9ce\uc740 \ubc31\uc5c5 \uc18c\ud504\ud2b8\uc6e8\uc5b4\uc758 \uacbd\uc6b0 \ud2b9\ud788 \uc704\ud5d8\ud569\ub2c8\ub2e4. \uc774 \ucde8\uc57d\uc810\uc744 \uc545\uc6a9\ud55c \uce68\uc785\uc790\ub294 \ubc31\uc5c5\ub41c \ub370\uc774\ud130\uc5d0 \uc561\uc138\uc2a4\ud558\uc5ec \ub370\uc774\ud130\ub97c \ud6d4\uce58\uac70\ub098 \uc0ad\uc81c\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n

3. SAP \ub137\uc704\ubc84 \ucde8\uc57d\uc810(CVE-2017-12637)<\/strong><\/h2>\n\n\n
\"SAP<\/figure>\n\n\n\n

\uc774\ub294 \uac70\uc758 8\ub144 \uc804\uc778 2017\ub144\uc5d0 \ub098\uc628 \uac83\uc774\uae30 \ub54c\ubb38\uc5d0 \ud2b9\ud788 \uc911\uc694\ud569\ub2c8\ub2e4. SAP NetWeaver\ub294 \ub2e4\uc591\ud55c \ud575\uc2ec \ube44\uc988\ub2c8\uc2a4 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc744 \uc218\ud589\ud558\ub294 \uae30\uc220 \ud50c\ub7ab\ud3fc \uc911 \ud558\ub098\uc785\ub2c8\ub2e4. \uc774\ub7ec\ud55c \uaca9\ucc28\ub294 \ubc14\ub85c \"\ub514\ub809\ud1a0\ub9ac \ud0d0\uc0c9<\/a>'\ub97c \ud1b5\ud574 \uce68\uc785\uc790\uac00 \uc81c\ud55c\ub418\uc9c0 \uc54a\uc740 \ud30c\uc77c\uacfc \ub514\ub809\ud130\ub9ac\ub97c \uc190\uc5d0 \ub123\uc744 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc218\ub144\uc774 \uc9c0\ub0ac\uc74c\uc5d0\ub3c4 \ubd88\uad6c\ud558\uace0 \ub9ce\uc740 \uc2dc\uc2a4\ud15c\uc774 \ud328\uce58\uc758 \uc601\ud5a5\uc744 \ubc1b\uc9c0 \uc54a\ub294\ub2e4\ub294 \uc0ac\uc2e4 \ub54c\ubb38\uc5d0 \uacf5\uaca9\uc790\ub4e4\uc774 \uc774 \ud328\uce58\ub97c \uc545\uc6a9\ud558\uace0 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n

\uc774\uac83\uc774 \ubaa8\ub450\uc5d0\uac8c \uc911\uc694\ud55c \uc774\uc720<\/strong><\/h2>\n\n\n

CISA\uc758 \uac00\uc774\ub4dc\ub77c\uc778\uc740 \uc5f0\ubc29 \uc815\ubd80 \uae30\uad00\uc5d0\ub9cc \uc758\ubb34\uc801\uc73c\ub85c \uc801\uc6a9\ub418\uc9c0\ub9cc, KEV \uce74\ud0c8\ub85c\uadf8\ub294 \uc218\uc815\ud574\uc57c \ud560 \uac00\uc7a5 \uc911\uc694\ud55c \ubc84\uadf8\ub97c \uc120\uc815\ud558\ub294 \uac00\uc7a5 \ucd5c\uc2e0\uc758 \uc790\ub8cc\ub85c \uc124\uc815\ub418\uc5b4 \uc788\uc2b5\ub2c8\ub2e4. \uc774 \ubaa9\ub85d\uc5d0 \ubc84\uadf8\uac00 \ud3ec\ud568\ub418\uc5c8\ub2e4\ub294 \uac83\uc740 \ub2e4\uc74c\uacfc \uac19\uc740 \uac83\uc744 \uc758\ubbf8\ud569\ub2c8\ub2e4:<\/p>\n\n\n\n