Vulnerabilities in virtual private networks (VPN)

  • CERT Admin
  • Fri Oct 18 2019
  • Alerts

Systems Affected 

    ✻  Pulse Connect Secure
    ✻  Fortigate
    ✻  Palo Alto
    ↳  Palo Alto GlobalProtect SSL VPN 7.1.x < 7.1.19
    ↳  Palo Alto GlobalProtect SSL VPN 8.0.x < 8.0.12
    ↳  Palo Alto GlobalProtect SSL VPN 8.1.x < 8.1.3

Threat Level 

High 

Overview 

Vulnerabilities allows attackers to steal authentication credentials and unauthorized parties may able to connect to the VPN and steal data.

Description

Vulnerabilities exists in above VPN products which allow an attacker to retrieve arbitrary files, including those containing authentication credentials.

An attacker can use the stolen credentials to connect to the VPN and change configuration settings, or connect to further internal infrastructure. This will ultimately enable attacker to run secondary exploits targeting internal infrastructure. 

Impact 

  ✻  Steal VPN credentials.
  ✻  Data and configuration modifications.
  ✻  Connect to internal infrastructure and do more harm. 

Solution/ Workarounds 

  ✻  Update the VPN clients with latest patches. Patches are available for Pulse Secure, Fortinet and Palo Alto.
  ✻  Change your authentication credentials associated with affected VPNs and accounts connecting through them.  

References

  ✻  https://www.ncsc.gov.uk/news/alert-vpn-vulnerabilities

Disclaimer 

The information provided herein is on "as is" basis, without warranty of any kind.
 

Last updated: Fri Oct 18 2019