The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability, CVE-2023-28461, affecting Array Networks AG and vxAG secure access gateways, to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation. This flaw, with a CVSS score of 9.8, enables unauthenticated remote code execution via a vulnerable URL and HTTP header flags. Despite a fix being available since March 2023 (version 9.4.0.484), the vulnerability is being exploited by Earth Kasha, a China-linked cyber espionage group, alongside other vulnerabilities like CVE-2023-45727 and CVE-2023-27997. Earth Kasha has targeted entities in Japan, Taiwan, India, Europe, and a European Union diplomatic entity using the ANEL backdoor. With over 440,000 exposed hosts at risk globally, organizations are urged to enhance patch management, reduce internet-facing exposure, and apply the necessary fixes by December 16, 2024.