Threat actors using a vulnerable URL could leverage the security issue, tracked as CVE-2023-28461, to facilitate arbitrary code execution or file system compromise, noted Array Networks. Such a development comes after Chinese cyberespionage operation Earth Kasha, also known as MirrorFace, was reported by Trend Micro to have launched attacks exploiting the Array Networks bug alongside Fortinet FortiOS/FortiProxy and Proself vulnerabilities. Chinese hacking operations were also recently noted by VulnCheck to account for a quarter of threat actors who deployed intrusions exploiting one or more of the 15 most exploited security flaws last year, which affect more than 440,000 online devices.
Network Security
Critical Array Networks flaw added to CISA vulnerabilities catalog
Share
Today’s columnist, Renata Budko of Forward Networks, says by easing technical debt, companies can spend less time putting out fires and more time growing the business. (Adobe Stock)
Active intrusions involving a critical web security flaw impacting Array Networks AG and vxAG secure access gateways have resulted in the bug's inclusion into the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies recommended to remediate the issue by Dec. 16, according to The Hacker News.
Threat actors using a vulnerable URL could leverage the security issue, tracked as CVE-2023-28461, to facilitate arbitrary code execution or file system compromise, noted Array Networks. Such a development comes after Chinese cyberespionage operation Earth Kasha, also known as MirrorFace, was reported by Trend Micro to have launched attacks exploiting the Array Networks bug alongside Fortinet FortiOS/FortiProxy and Proself vulnerabilities. Chinese hacking operations were also recently noted by VulnCheck to account for a quarter of threat actors who deployed intrusions exploiting one or more of the 15 most exploited security flaws last year, which affect more than 440,000 online devices.
Threat actors using a vulnerable URL could leverage the security issue, tracked as CVE-2023-28461, to facilitate arbitrary code execution or file system compromise, noted Array Networks. Such a development comes after Chinese cyberespionage operation Earth Kasha, also known as MirrorFace, was reported by Trend Micro to have launched attacks exploiting the Array Networks bug alongside Fortinet FortiOS/FortiProxy and Proself vulnerabilities. Chinese hacking operations were also recently noted by VulnCheck to account for a quarter of threat actors who deployed intrusions exploiting one or more of the 15 most exploited security flaws last year, which affect more than 440,000 online devices.
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds