美国国土安全部标记已被利用的SCADA XSS漏洞修补紧迫性上升

环球市场播报

Dec 01

　　美国国土安全部下属的网络安全和基础设施安全局（Cybersecurity and Infrastructure Security Agency，CISA）将一个存在四年的ScadaBR OpenPLC跨站脚本漏洞加入其已知被利用漏洞目录。

　　鉴于该漏洞正被积极利用，CISA的举措提醒运营商加快修复——这支撑了对帕洛阿尔托网络（PANW）等网络安全供应商的需求。

海量资讯、精准解读，尽在新浪财经APP

责任编辑：张俊 SF065

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2588779882"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2588779882\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2588779882?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-12-01 23:17","share_image_url":"https://static.laohu8.com/b0d1b7e8843deea78cc308b15114de44","id":"2588779882","market":"us","top_or_hot":-1,"title":"美国国土安全部标记已被利用的SCADA XSS漏洞 修补紧迫性上升","media":"环球市场播报","content":"<html><body><div>\n<p>　　美国国土安全部下属的网络安全和基础设施安全局（Cybersecurity and Infrastructure Security Agency，CISA）将一个存在四年的ScadaBR OpenPLC跨站脚本漏洞加入其已知被利用漏洞目录。</p>\n<p>　　鉴于该漏洞正被积极利用，CISA的举措提醒运营商加快修复——这支撑了对帕洛阿尔托网络（PANW）等网络安全供应商的需求。</p>\n<div>\n<div><img src=\"\"/></div>\n<div>海量资讯、精准解读，尽在新浪财经APP</div>\n</div>\n<p>责任编辑：张俊 SF065</p>\n</div></body></html>","source":"sina","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>美国国土安全部标记已被利用的SCADA XSS漏洞 修补紧迫性上升</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\n美国国土安全部标记已被利用的SCADA XSS漏洞 修补紧迫性上升\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-12-01 23:17 北京时间&nbsp;&nbsp;&nbsp;<a href=https://finance.sina.com.cn/stock/usstock/c/2025-12-01/doc-infzikpz1825658.shtml><strong>环球市场播报</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>美国国土安全部下属的网络安全和基础设施安全局（Cybersecurity and Infrastructure Security Agency，CISA）将一个存在四年的ScadaBR OpenPLC跨站脚本漏洞加入其已知被利用漏洞目录。\n　　鉴于该漏洞正被积极利用，CISA的举措提醒运营商加快修复——这支撑了对帕洛阿尔托网络（PANW）等网络安全供应商的需求。\n\n\n海量资讯、精准解读，尽在新浪...</p>\n\n<a href=\"https://finance.sina.com.cn/stock/usstock/c/2025-12-01/doc-infzikpz1825658.shtml\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"BK4097","symbol_name":"系统软件","start_time":0,"source_url":"https://finance.sina.com.cn/stock/usstock/c/2025-12-01/doc-infzikpz1825658.shtml","article_id":"2588779882","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2588779882","pubTimestamp":1764602220,"columns":[],"sourceInfo":{"source_id":"sina","name":"sina"},"weMediaInfo":null,"summary":"美国国土安全部下属的网络安全和基础设施安全局（Cybersecurity and Infrastructure Security Agency，CISA）将一个存在四年的ScadaBR OpenPLC跨站脚本漏洞加入其已知被利用漏洞目录。\n　　鉴于该漏洞正被积极利用，CISA的举措提醒运营商加快修复——这支撑了对帕洛阿尔托网络（PANW）等网络安全供应商的需求。\n\n\n海量资讯、精准解读，尽在新浪财经APP\n\n责任编辑：张俊 SF065","collect":0,"end_time":0,"defaultTopTitle":"sina.com.cn","property":[],"viewcount":null,"language":"zh","relate_stocks":{"BK4097":"系统软件","LU2355687059.USD":"NORDEA 1 GLOBAL IMPACT  \"BP\" (USD) ACC","BK4560":"网络安全概念","LU2095319765.USD":"Natixis Thematics Subscription Economy R/A USD","BK4532":"文艺复兴科技持仓","PANW":"Palo Alto Networks","LU0348723411.USD":"ALLIANZ GLOBAL HI-TECH GROWTH \"A\" (USD) INC","LU1989764664.SGD":"CPR Invest - Global Disruptive Opportunities A2 Acc SGD-H","LU2210150020.SGD":"Natixis Thematics Subscription Economy R/A SGD","LU1720051108.HKD":"ALLIANZ GLOBAL ARTIFICIAL INTELLIGENCE \"AT\" (HKD) ACC","LU2023250843.SGD":"Allianz Thematica Cl AT Acc H2-SGD","IE00BMPRXR70.SGD":"Neuberger Berman 5G Connectivity A Acc SGD-H","LU1917777945.USD":"安联专题基金Cl AT Acc","LU1989764748.USD":"东方汇理环球颠覆性机遇A2 Acc","LU1169590202.USD":"ALLSPRING (LUX)  U.S. SELECT EQUITY \"I\" (USD) ACC","BK4585":"ETF&股票定投概念","LU0234570918.USD":"高盛全球核心股票组合Acc Close","LU2210149790.SGD":"Natixis Thematics Subscription Economy R/A SGD-H","LU2357305700.SGD":"Allianz Global Artificial Intelligence ET H2-SGD","LU1804176565.USD":"EASTSPRING INV GLOBAL GROWTH EQUITY \"A\" (USD) ACC","LU1861215975.USD":"贝莱德新一代科技基金 A2","LU1169589451.USD":"ALLSPRING (LUX)  U.S. SELECT EQUITY \"A\" (USD) ACC","LU1548497426.USD":"安联环球人工智能AT Acc","LU1861220033.SGD":"Blackrock Next Generation Technology A2 SGD-H","IE00B19Z8W00.USD":"FTGF CLEARBRIDGE US LARGE CAP GROWTH \"A\" INC","LU2106854487.HKD":"ALLIANZ THEMATICA \"AMG\" (HKD) INC","LU2286300806.USD":"Allianz Cyber Security AT Acc USD","LU2125909759.SGD":"Natixis Thematics Safety H-R/A SGD","LU1623119135.USD":"Natixis Mirova Global Sustainable Equity R-NPF/A USD","LU2125909916.SGD":"Natixis Thematics Safety R/A SGD","LU2265009873.SGD":"Eastspring Investments - Global Growth Equity AS SGD-H","SG9999001424.SGD":"United E-Commerce Fund SGD","IE00B19Z8X17.USD":"FTGF CLEARBRIDGE US LARGE CAP GROWTH  \"AG\" (USD) ACC","LU1712237335.SGD":"Natixis Mirova Global Sustainable Equity H-R-NPF/A SGD","LU1923622291.USD":"Natixis Thematics Safety R/A USD","BK4550":"红杉资本持仓","BK4588":"碎股","LU1974910355.USD":"Allianz Thematica Cl AMg DIS USD","IE00BMPRXN33.USD":"NEUBERGER BERMAN 5G CONNECTIVITY \"A\" (USD) ACC","LU1720051017.SGD":"Allianz Global Artificial Intelligence AT Acc H2-SGD","IE00B19Z9505.USD":"美盛-美国大盘成长股A Acc","LU2023250504.SGD":"Allianz Thematica Cl AMg DIS H2-SGD","BK4598":"佩洛西持仓","BK4581":"高盛持仓"},"translate_title":"U.S. Department of Homeland Security flags exploited SCADA XSS vulnerability patch urgency rises","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"PANW":1},"content_text":"美国国土安全部下属的网络安全和基础设施安全局（Cybersecurity and Infrastructure Security Agency，CISA）将一个存在四年的ScadaBR OpenPLC跨站脚本漏洞加入其已知被利用漏洞目录。\n　　鉴于该漏洞正被积极利用，CISA的举措提醒运营商加快修复——这支撑了对帕洛阿尔托网络（PANW）等网络安全供应商的需求。\n\n\n海量资讯、精准解读，尽在新浪财经APP\n\n责任编辑：张俊 SF065","kind":"news","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}

美国国土安全部标记已被利用的SCADA XSS漏洞 修补紧迫性上升

Most Discussed

美国国土安全部标记已被利用的SCADA XSS漏洞修补紧迫性上升