Critical Array Networks flaw added to CISA vulnerabilities catalog

Share This Post



Active intrusions involving a critical web security flaw impacting Array Networks AG and vxAG secure access gateways have resulted in the bug’s inclusion into the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities catalog, with federal agencies recommended to remediate the issue by Dec. 16, according to The Hacker News.

Threat actors using a vulnerable URL could leverage the security issue, tracked as CVE-2023-28461, to facilitate arbitrary code execution or file system compromise, noted Array Networks. Such a development comes after Chinese cyberespionage operation Earth Kasha, also known as MirrorFace, was reported by Trend Micro to have launched attacks exploiting the Array Networks bug alongside Fortinet FortiOS/FortiProxy and Proself vulnerabilities. Chinese hacking operations were also recently noted by VulnCheck to account for a quarter of threat actors who deployed intrusions exploiting one or more of the 15 most exploited security flaws last year, which affect more than 440,000 online devices.



Source link

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Do You Want To Boost Your Business?

drop us a line and keep in touch