<ul><li>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical Aviatrix Controllers OS Command Injection vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.</li><li>The vulnerability allows unauthenticated attackers to execute arbitrary code through improper command neutralization in the API.</li><li>Threat actors have been actively exploiting the vulnerability to deploy backdoors and cryptocurrency miners.</li><li>The flaw has been addressed in patched versions, and organizations are advised to patch urgently to protect their controllers.</li></ul>

U.S. CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog

Discover more