Ongoing intrusions targeting GitLab instances impacted by the maximum severity account takeover vulnerability, tracked as CVE-2023-7028, have prompted the flaw's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security issue by May 22, reports BleepingComputer.
No further details have been provided about the attacks involving the flaw, which can be exploited to abuse password reset email delivery and ultimately take over accounts. CISA noted, however, that there is no indication the flaw has been exploited in ransomware incidents.
"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," said CISA. The development comes as Shadowserver found more than 2,000 internet-exposed GitLab instances still unpatched against CVE-2023-7028, fewer than half the number of vulnerable instances identified in January, when GitLab issued the fixes.