US-CERT, CISA Warn of Vuln in at Least 4 Major VPNs

At least four major vendors could be enabling attackers to do the very thing VPNs are made to protect against.

The Cybersecurity and Infrastructure Security Agency issued a warning today after US-CERT reported that multiple VPN vendors store authentication and/or session cookies insecurely in memory and/or log files.

“If an attacker has persistent access to a VPN user’s endpoint or exfiltrates the using other methods, they can replay the session and bypass other authentication methods,” the US-CERT advisory states. “An attacker would then have access to the same applications that the user does through their VPN session.”

US-CERT confirmed that Cisco, Palo Alto Networks, F5 Networks and Pulse Secure products are affected. However, the issue is repaired in the latest versions of Palo Alto’s products and partly fixed in F5’s.

Source: https://www.darkreading.com/vulnerabilities---threats/us-cert-cisa-warn-of-vuln-in-at-least-4-major-vpns/d/d-id/1334413?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
