Ethical Hacking News
A critical security flaw in Array Networks AG's secure access gateways has emerged as a major concern for IT administrators worldwide, highlighting the need for robust threat intelligence and patch management practices. Organizations are advised to apply the patches by December 16, 2024, to secure their networks against ongoing attacks.
A critical security flaw in Array Networks AG's secure access gateways has emerged as a major concern for IT administrators worldwide. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-28461 to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation in the wild. The vulnerability allows an attacker to execute arbitrary code remotely by exploiting missing authentication on the SSL VPN gateway. Array Networks has released patches with version 9.4.0.484, and organizations are advised to apply them as soon as possible. Federal Civilian Executive Branch (FCEB) agencies are advised to apply the patches by December 16, 2024, to secure their networks.
The cybersecurity landscape has been increasingly plagued by an onslaught of vulnerabilities and exploits, leaving numerous organizations scrambling to keep up with the evolving threats. In this context, a critical security flaw in Array Networks AG's secure access gateways has emerged as a major concern for IT administrators worldwide.
According to recent reports from The Hacker News (THN), the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Array Networks' CVE-2023-28461 vulnerability to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. This vulnerability, which carries a CVSS score of 9.8, stems from missing authentication on the SSL VPN gateway: an attacker can execute arbitrary code remotely, without authenticating, by using a flags attribute in HTTP headers.
Array Networks has already released patches for this security shortcoming with version 9.4.0.484, and it is imperative that affected organizations apply them as soon as possible. In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are advised to apply the patches by December 16, 2024, to secure their networks.
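As an added example (not code from Array Networks, CISA, or THN), the following Python sketch shows one way to triage a gateway inventory against the fixed build and KEV due date given above. The `cveID` and `dueDate` keys follow the KEV feed's field names; the hostnames and installed builds are constructed, and treating every build below 9.4.0.484 as unpatched is an assumption of this example.

```python
from datetime import date

# Values taken from the article: CVE id, fixed build, FCEB deadline.
KEV_ENTRY = {"cveID": "CVE-2023-28461", "dueDate": "2024-12-16"}
FIXED_BUILD = "9.4.0.484"

# Constructed inventory: hostnames and installed builds are made up.
INVENTORY = [
    {"host": "vpn-gw-01.example.internal", "build": "9.4.0.481"},
    {"host": "vpn-gw-02.example.internal", "build": "9.4.0.484"},
    {"host": "vpn-gw-03.example.internal", "build": "9.4.0.5"},
    {"host": "vpn-gw-04.example.internal", "build": "unknown"},
]

def parse_build(text):
    """Return the build as a tuple of ints, or None if not dotted-numeric."""
    parts = text.strip().split(".")
    if not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def triage(inventory, today):
    """Classify each gateway as patched, due, overdue, or review."""
    fixed = parse_build(FIXED_BUILD)
    days_left = (date.fromisoformat(KEV_ENTRY["dueDate"]) - today).days
    report = []
    for asset in inventory:
        build = parse_build(asset["build"])
        if build is None:
            status = "review"    # unparseable build: never assume patched
        elif build >= fixed:     # numeric compare, so 9.4.0.5 < 9.4.0.484
            status = "patched"
        elif days_left < 0:
            status = "overdue"
        else:
            status = "due"
        report.append((asset["host"], status, days_left))
    return report

if __name__ == "__main__":
    for host, status, days_left in triage(INVENTORY, date(2024, 11, 26)):
        print(f"{KEV_ENTRY['cveID']} {host}: {status} "
              f"({days_left} days to KEV due date)")
```

Comparing builds as integer tuples matters here: a plain string comparison would rank 9.4.0.5 above 9.4.0.484 and report that gateway as patched.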
This critical vulnerability has significant implications for organizations that rely on Array Networks' products and services for remote access. Its exploitability, coupled with its high CVSS score, underscores the severity of the threat it poses. In a recent report from THN, cybersecurity company Trend Micro revealed that a cyber espionage group tracked as Earth Kasha (aka MirrorFace) has been exploiting security flaws in public-facing enterprise products such as Array AG, Proself, and Fortinet FortiOS/FortiProxy for initial access.
The Earth Kasha group is notorious for its extensive targeting of Japanese entities, although it has also been observed attacking Taiwan, India, and Europe. This group's exploits demonstrate the need for organizations to stay vigilant in monitoring their networks for signs of unauthorized activity and applying patches as soon as they become available.
The inclusion of this vulnerability in CISA's KEV catalog serves as a stark reminder of the ongoing threat landscape that organizations face every day. As noted by VulnCheck, 15 different Chinese hacking groups out of a total of 60 named threat actors have been linked to the abuse of at least one of the top 15 routinely exploited vulnerabilities in 2023. This highlights the need for robust threat intelligence and patch management practices.
Furthermore, the disclosure of this vulnerability comes as numerous organizations are under increasing pressure to prioritize network security and protect sensitive data. In light of the array of emerging threats and ongoing cybersecurity incidents, IT administrators must be proactive in their efforts to secure networks and prevent exploitation.
In conclusion, the critical Array Networks vulnerability serves as a stark reminder of the ever-evolving threat landscape that organizations face every day. As CISA's KEV catalog has underscored, it is imperative for organizations to take immediate action to apply patches and address this vulnerability to protect against ongoing attacks.
Related Information:
https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html
https://nvd.nist.gov/vuln/detail/CVE-2023-28461
https://www.cvedetails.com/cve/CVE-2023-28461/
Published: Tue Nov 26 00:00:02 2024 by llama3.2 3B Q4_K_M