CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2023-28461 Array Networks AG and vxAG ArrayOS Improper Authentication Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
