Multiple vulnerabilities have been discovered in PHP 7.0 prior to 7.0.23. Successful exploitation of the most severe vulnerabilities could allow a threat actor to execute arbitrary code in the affected application; failed exploitation could cause a denial-of-service condition. The NJCCIC recommends users and administrators review the PHP 7 ChangeLogand update to the latest version of PHP as soon as possible after verifying no unauthorized modifications have been made to the system.