Decoding HTTP/2 Rapid Reset Zero-Day (CVE-2023-44487) Exploited
Health-ISAC is distributing this bulletin for your situational awareness.
On October 10, 2023, DDoS Protection firm CloudFlare, in conjunction with Google and Amazon AWS released a statement regarding the discovery of a zero-day vulnerability which could generate massive hyper-volumetric Distributed Denial of Service (DDoS) attacks. The largest attack ever recorded at CloudFlare before the exploit of HTTP/2 Rapid Reset Zero-Day was 71 million requests per second (rps). The attack using the CVE-2023-44487 resulted in an attack which peaked at over 201 million rps.
This zero-day was brought to the attention of Cloudflare in late August 2023 when it was being developed by an unknown threat actor. Later, Cloudflare observed this zero-day exploit being used in conjunction with DDoS botnets to create DDoS attacks with unprecedented volumes.
NOTE: On October 10, 2023, at 12pm ET, Health-ISAC’s Threat Operations Center held a Spotlight webinar to discuss what Cloudflare has seen: the vulnerability, impacts seen, and recommendations to address the issue.
- Related Resources & News
- Cyber Threats Know No Borders
- Health-ISAC Hacking Healthcare 1-10-2025
- Google’s rural healthcare cybersecurity initiative
- Gen Z is stealing your health data—and the consequences may be worse than you think
- Left to Our Own Devices Podcast #71: Errol Weiss
- 2025 Newsletter – January
- The Year Ahead: What Can We Expect Within the Cybersecurity Landscape?
- HHS Urges Health Sector to Beef Up OT, IoMT Security
- Defending Healthcare Facilities Against Ransomware Attacks
- Health-ISAC Hacking Healthcare 12-16-2024