加密钱包解决方案HashiCorp Vault被发现0-Day漏洞

Odaily

Aug 07, 2025

Odaily星球日报讯据慢雾首席信息安全官 23 pds（@im 23 pds）在 X 平台发文表示，加密货币钱包解决方案 HashiCorp Vault 被发现 0-Day 漏洞，涉及身份验证和授权、远程代码执行等方面。其中部分漏洞可绕过锁定与多因素认证保护，甚至允许攻击者实现远程代码执行（RCE），对基础设施安全构成严重威胁。Cyata 团队已与 HashiCorp 协作完成修复，建议相关机构尽快升级至最新版本。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2557500695"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2557500695\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2557500695?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-08-07 19:52","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2557500695","market":"us","top_or_hot":-1,"title":"加密钱包解决方案HashiCorp Vault被发现0-Day漏洞","media":"Odaily","content":"<html><body><div><p>Odaily星球日报讯 据慢雾首席信息安全官 23 pds（@im 23 pds） 在 X 平台发文表示，加密货币钱包解决方案 HashiCorp Vault 被发现 0-Day 漏洞，涉及身份验证和授权、远程代码执行等方面。其中部分漏洞可绕过锁定与多因素认证保护，甚至允许攻击者实现远程代码执行（RCE），对基础设施安全构成严重威胁。Cyata 团队已与 HashiCorp 协作完成修复，建议相关机构尽快升级至最新版本。</p></div></body></html>","source":"odaily_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>加密钱包解决方案HashiCorp Vault被发现0-Day漏洞</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\n加密钱包解决方案HashiCorp Vault被发现0-Day漏洞\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-08-07 19:52 北京时间&nbsp;&nbsp;&nbsp;<a href=https://www.odaily.news/zh-CN/newsflash/442307><strong>Odaily</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>Odaily星球日报讯 据慢雾首席信息安全官 23 pds（@im 23 pds） 在 X 平台发文表示，加密货币钱包解决方案 HashiCorp Vault 被发现 0-Day 漏洞，涉及身份验证和授权、远程代码执行等方面。其中部分漏洞可绕过锁定与多因素认证保护，甚至允许攻击者实现远程代码执行（RCE），对基础设施安全构成严重威胁。Cyata 团队已与 HashiCorp 协作完成修复，建议相关...</p>\n\n<a href=\"https://www.odaily.news/zh-CN/newsflash/442307\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"165523","symbol_name":"信息安全","start_time":0,"source_url":"https://www.odaily.news/zh-CN/newsflash/442307","article_id":"2557500695","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2557500695","pubTimestamp":1754567542,"columns":[],"sourceInfo":{"source_id":"odaily_live","name":"Odaily"},"weMediaInfo":null,"summary":"<div class=\"line-clamp-4 text-custom-000000/70 dark:text-custom-FFFFFF/60 text-18 font-400 tracking-1 leading-40 whitespace-pre-line\"><p>Odaily星球日报讯 据慢雾首席信息安全官 23 pds（@im 23 pds） 在 X 平台发文表示，加密货币钱包解决方案 HashiCorp Vault 被发现 0-Day 漏洞，涉及身份验证和授权、远程代码执行等方面。其中部分漏洞可绕过锁定与多因素认证保护，甚至允许攻击者实现远程代码执行（RCE），对基础设施安全构成严重威胁。Cyata 团队已与 HashiCorp 协作完成修复，建议相关机构尽快升级至最新版本。</p></div>","collect":0,"end_time":0,"defaultTopTitle":"odaily.news","property":[],"viewcount":null,"language":"zh","relate_stocks":{"165523":"信息安全","399994":"信息安全","EZBC":"比特币ETF-Franklin","BK4601":"加密货币现货ETF","GBTC":"比特币ETF-Grayscale","BTCW":"比特币ETF-Wisdom Tree","VBTC.AU":"Vaneck Bitcoin Etf","BITO":"比特币期货ETF-ProShares","FBTC":"比特币ETF-Fidelity","HODL":"比特币ETF-VanEck","BRRR":"比特币ETF-CoinShares","BK4588":"碎股","BTCO":"比特币ETF-Invesco Galaxy","DEFI":"比特币期货ETF-Hashdex","BK4585":"ETF&股票定投概念","BK4594":"比特币ETF概念","IBIT":"比特币ETF-iShares"},"translate_title":"0-Day vulnerability found in crypto wallet solution HashiCorp Vault","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"165523":1,"399994":1,"FBTC":1,"EZBC":1,"GBTC":1,"BTCO":1,"HODL":1,"BRRR":1,"BTCW":1,"VBTC.AU":1,"BITO":1,"IBIT":1,"DEFI":1},"content_text":"Odaily星球日报讯 据慢雾首席信息安全官 23 pds（@im 23 pds） 在 X 平台发文表示，加密货币钱包解决方案 HashiCorp Vault 被发现 0-Day 漏洞，涉及身份验证和授权、远程代码执行等方面。其中部分漏洞可绕过锁定与多因素认证保护，甚至允许攻击者实现远程代码执行（RCE），对基础设施安全构成严重威胁。Cyata 团队已与 HashiCorp 协作完成修复，建议相关机构尽快升级至最新版本。","kind":"live","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}