• Vulnerabilities exploited in VPN products used worldwide

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Vulnerabilities exploited in VPN products used worldwide

    Tags:

    Author
    Topic
    Kirsty
    Manager
    October 7, 2019 at 1:58 am #1976180

    Vulnerabilities exploited in VPN products used worldwide
    APTs are exploiting vulnerabilities in several VPN products used worldwide

    Published: 2 October 2019

     
    Introduction
    The NCSC is investigating the exploitation, by Advanced Persistent Threat (APT) actors, of known vulnerabilities affecting Virtual Private Network (VPN) products from vendors Pulse secure, Palo Alto and Fortinet.

    This activity is ongoing, targeting both UK and international organisations. Affected sectors include government, military, academic, business and healthcare. These vulnerabilities are well documented in open source.

    Details
    Vulnerabilities exist in several SSL VPN products which allow an attacker to retrieve arbitrary files, including those containing authentication credentials.

    An attacker can use these stolen credentials to connect to the VPN and change configuration settings, or connect to further internal infrastructure.

    Unauthorised connection to a VPN could also provide the attacker with the privileges needed to run secondary exploits aimed at accessing a root shell.

    Top vulnerabilities
    The highest-impact vulnerabilities known to be exploited by APTs are listed below, although this is not an exhaustive list of CVEs associated with these products.

    Detecting exploitation…
    Essential mitigation…
    If you suspect exploitation…

    Download – pdf, 207 KB, 5 PAGES:
    APTs exploit multiple VPNs
    The NCSC is investigating the exploitation, by APT actors, of known vuln…

     
    Read the full article here

    NCSC-supplied information published under their Open Government Licence

    Reply | Quote
    Viewing 0 reply threads
    Author
    Replies
    • Kirsty
      Manager
      October 7, 2019 at 8:59 pm #1976733

      NSA Releases Advisory on Mitigating Recent VPN Vulnerabilities
      Original release date: October 07, 2019

      The National Security Agency (NSA) has released an advisory on advanced persistent threat (APT) actors exploiting multiple vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system.

      The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review NSA’s Cybersecurity Advisory and CISA’s Current Activity on Vulnerabilities in Multiple VPN Applications for more information and apply the necessary updates or mitigations.

       
      Reproduced in full from NCAS under their disclaimer’s rights

      1 user thanked author for this post.
      OscarCP
      Reply | Quote
    Viewing 0 reply threads
    Reply To: Vulnerabilities exploited in VPN products used worldwide

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.