Decoding HTTP/2 Rapid Reset Zero-Day (CVE-2023-44487) Exploited
Health-ISAC is distributing this bulletin for your situational awareness.
On October 10, 2023, DDoS Protection firm CloudFlare, in conjunction with Google and Amazon AWS released a statement regarding the discovery of a zero-day vulnerability which could generate massive hyper-volumetric Distributed Denial of Service (DDoS) attacks. The largest attack ever recorded at CloudFlare before the exploit of HTTP/2 Rapid Reset Zero-Day was 71 million requests per second (rps). The attack using the CVE-2023-44487 resulted in an attack which peaked at over 201 million rps.
This zero-day was brought to the attention of Cloudflare in late August 2023 when it was being developed by an unknown threat actor. Later, Cloudflare observed this zero-day exploit being used in conjunction with DDoS botnets to create DDoS attacks with unprecedented volumes.
NOTE: On October 10, 2023, at 12pm ET, Health-ISAC’s Threat Operations Center held a Spotlight webinar to discuss what Cloudflare has seen: the vulnerability, impacts seen, and recommendations to address the issue.
- Related Resources & News
- Healthcare Heartbeat 2024 Q4
- Health-ISAC Hacking Healthcare 2-19-2025
- Podcast: Reflecting on the Change Healthcare cyberattack
- Senate Confirms Trump Pick RFK Jr. to Lead HHS
- The Alarming Backdoor Hiding in 2 Chinese Patient Monitors
- Health-ISAC 2025 Health Sector Cyber Threat Landscape
- How Health Systems Manage Security in the Cloud
- Change Healthcare Attack a Wake-up Call for the Industry
- Five High-Impact Cyberattacks Healthcare Industry Should Avoid in 2025
- Health-ISAC Hacking Healthcare 2-11-2025