Urgent: Active Command Injection Attacks on Array AG Gateways Confirmed by JPCERT - Patch Now!

Описание: JPCERT/CC has confirmed active exploitation of a command injection vulnerability in Array Networks AG Series secure access gateways since August 2025. This critical issue, rooted in the DesktopDirect feature, allows attackers to execute arbitrary commands. The vulnerability affects ArrayOS versions 9.4.5.8 and earlier, with a patch available in version 9.4.5.9. If immediate patching isn’t possible, disable DesktopDirect and use URL filtering to block access to URLs containing semicolons. Learn how to protect your systems from these ongoing attacks and understand the potential risks. Stay informed and secure your network today!
Key Topics Covered:
Command Injection Vulnerability Explained
Impact of the DesktopDirect Exploit
Mitigation Steps for Array AG Gateways
Historical Context: CVE-2023-28461 and MirrorFace Attacks
How to Stay Protected Against Emerging Threats
ArrayNetworks #JPCERT #CommandInjection #Cybersecurity #NetworkSecurity #VulnerabilityAlert #PatchManagement