Security News > 2024 > November > CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
2024-11-26 05:03
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that
News URL
https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html
Related news
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- CISA: Medusa ransomware hit over 300 critical infrastructure orgs (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Critical GitHub Attack (source)
- Critical Cisco Smart Licensing Utility flaws now exploited in attacks (source)
- CISA tags NAKIVO backup flaw as actively exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-15 | CVE-2023-28461 | Improper Authentication vulnerability in Arraynetworks Arrayos AG 9.4.0.469/9.4.0.470/9.4.0.481 Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. | 9.8 |