<ul><li>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog.</li><li>Array Networks' AG Series and vxAG (versions 9.4.0.481 and earlier) are impacted by a remote code execution vulnerability.</li><li>Attackers can exploit the SSL VPN gateway without authentication by accessing the filesystem via an HTTP header flags attribute and a vulnerable URL.</li><li>CISA has ordered federal agencies to fix this vulnerability by December 16, 2024.</li></ul>

U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

Discover more