Security News > 2024 > November > CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
2024-11-26 05:03
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that
News URL
https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html
Related news
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- CISA warns of more Palo Alto Networks bugs exploited in attacks (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-15 | CVE-2023-28461 | Improper Authentication vulnerability in Arraynetworks Arrayos AG 9.4.0.469/9.4.0.470/9.4.0.481 Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. | 9.8 |