Security News > 2020 > January > Pulse Secure VPN Vulnerability Still Widely Exploited, CISA Warns
The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency has warned organizations that malicious hackers continue to exploit a widely known Pulse Secure VPN vulnerability.
"Although Pulse Secure disclosed the vulnerability and provided software patches for the various affected products in April 2019, the Cybersecurity and Infrastructure Security Agency continues to observe wide exploitation of CVE-2019-11510," CISA said.
Bad Packets reported on January 10 that there were still 3,623 vulnerable Pulse Secure VPN servers, including 1,233 in the United States.
"CISA expects to see continued attacks exploiting unpatched Pulse Secure VPN environments and strongly urges users and administrators to upgrade to the corresponding fixes," CISA said.
Pulse Secure told SecurityWeek that the attackers have delivered ransomware "Through interactive prompts of the VPN interface to the users attempting to access resources through unpatched, vulnerable Pulse VPN servers."
News URL
Related news
- CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-08 | CVE-2019-11510 | Path Traversal vulnerability in Ivanti Connect Secure 8.2/8.3/9.0 In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . | 10.0 |