Multiple advisories for various VPN providers

News by Robert Abel

The US Cybersecurity and Infrastructure Security Agency warns about multiple vulnerabilities in various VPN) applications, which could allow threat actors to take control of entire systems

The Cybersecurity and Infrastructure Security Agency (CISA) is warning users of multiple vulnerabilities in Virtual Private Network (VPN) applications.

The government agency has pointed out the vulnerabilities in the Palo Alto GlobalProtect portal and GlobalProtect Gateway interface products, FortiGuard FortiOS system product, and Pulse Security Pulse Connect Secure / Pulse Policy Secure products. These could allow threat actors to take control of entire systems, according to a US-CERT advisory issued on 26 July.

The Palo Alto products are vulnerable to a remote code execution flaw in the GlobalProtect Portal/Gateway Interface products that could allow an unauthenticated attacker to execute arbitrary code.

The issue has since been addressed in prior maintenance releases and affects PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier releases while PAN-OS 9.0 is not affected.

The FortiGuard FortiOS SSL VPN web portal flaw is an information disclosure vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

Affected products include FortiOS versions 5.6.3 to 5.6.7 and FortiOS versions 6.0.0 to 6.0.4 only if the SSL VPN service (web-mode or tunnel-mode) is enabled and users are encouraged to upgrade to FortiOS versions 5.6.8, 6.0.5 or 6.2.0 to secure their system. 

Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) products including an authentication by-pass vulnerability that can allow an unauthenticated user to perform a remote arbitrary file access on the Pulse Connect Secure gateway

The vulnerabilities also include a remote code execution vulnerability that can allow an authenticated administrator to perform remote code execution on Pulse Connect Secure and Pulse Policy Secure gateways.

This article was originally published on SC Media US.

Robert Abel recommends

Read more

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews