CISA: CISA Adds One Known Exploited Vulnerability to Catalog
Hot off the press! CVE-2023-28461 (9.8 critical) Array Networks AG and vxAG ArrayOS Improper Authentication vulnerability
#CVE_2023_28461 #arraynetworks #arrayos #cisa #kev #cisakev #knownexploitedvulnerabilitiescatalog #vulnerability #eitw #activeexploitation #infosec #cybersecurity
Just a note that CVE-2023-28461 (9.8 critical) Array Networks AG and vxAG ArrayOS Improper Authentication vulnerability, added 25 November 2024 to the KEV Catalog, is known to be used in ransomware campaigns, according to CISA.
EDIT: NEW! Fancy red triangle 🔺when known to be used in ransomware campaigns.
EDIT2: Known to be exploited by the Chinese state actor "Earth Kasha" which may be related to APT10. www.trendmicro.com/...
#CVE_2023_28461 #arraynetworks #ransomware #threatintel #vulnerability #infosec #cve #eitw #activeexploitation #KnownExploitedVulnerabilitiesCatalog #kev #cisa
