By
Brad D. Williams on May 03, 2021 at 4:06 PM
WASHINGTON: Pulse Connect Secure today released a security patch for its virtual private network (VPN) product that is widely used by federal agencies, critical infrastructure operators, and the defense industrial base. The VPN allows the federal workforce to access enterprise networks from remote locations.
Ivanti, the parent company of the VPN developer, said it worked with CISA and other entities to address the zero-day vulnerability originally disclosed just weeks ago. This vulnerability is one of four that are being actively exploited in the wild. The other three vulnerabilities have been known since at least last year and have patches currently available.
minute read
Share this article:
The security flaw tracked as CVE-2021-22893 is being used by at least two APTs likely linked to China, to attack U.S. defense targets among others.
Pulse Secure has rushed a fix for a critical zero-day security vulnerability in its Connect Secure VPN devices, which has been exploited by nation-state actors to launch cyberattacks against U.S. defense, finance and government targets, as well as victims in Europe.
Pulse Secure also patched three other security bugs, two of them also critical RCE vulnerabilities.
Join Threatpost for “Fortifying Your Business Against Ransomware, DDoS & Cryptojacking Attacks” a LIVE roundtable event on Wednesday, May 12 at 2:00 PM EDT for this FREE webinar sponsored by Zoho ManageEngine.
Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack
Ivanti, the company behind Pulse Secure VPN appliances, has released a security patch to remediate a critical security vulnerability that was found being actively exploited in the wild by at least two different threat actors.
Tracked as CVE-2021-22893 (CVSS score 10), the flaw concerns multiple use after free issues in Pulse Connect Secure that could allow a remote unauthenticated attacker to execute arbitrary code and take control of the affected system. All Pulse Connect Secure versions prior to 9.1R11.4 are impacted.
The flaw came to light on April 20 after FireEye disclosed a series of intrusions targeting defense, government, and financial organizations in the U.S. and elsewhere by leveraging critical vulnerabilities in the remote access solution to bypass multi-factor authentication protections and breach enterprise networks.
iTWire Monday, 03 May 2021 10:02 Five US Government agencies attacked through Pulse Secure VPNs
Shares Image by Abigall Maddison from Pixabay
At least five US Government agencies have been breached in the latest attack aimed at the government, an official at the Cybersecurity and Infrastructure Security Agency says. CISA is aware of at least five federal civilian agencies who have run the Pulse Connect Secure Integrity Tool and identified indications of potential unauthorised access, deputy executive assistant director of Cybersecurity, Matt Hartman, said in
CNN. We are working with each agency to validate whether an intrusion has occurred and will offer incident response support accordingly.