Security News > 2020 > March > RDP and VPN use soars, increasing enterprise cyber risk

RDP and VPN use soars, increasing enterprise cyber risk
2020-03-30 11:13

Not unexpectedly, enterprise VPN use has also greatly increased, and so has the use of the Remote Desktop Protocol, a popular and common means for remotely managing a computer over a network connection.

The number of devices exposing RDP to the internet on standard ports has grown by 41.5 percent over the past month.

The number of servers running VPN protocols on different ports has jumped from nearly 7.5 million to nearly 10 million.

CVE-2019-1573, a vulnerability that made a variety of VPN applications store the authentication and session cookies insecurely in memory and/or log files.

CVE-2019-11510, an arbitrary file reading vulnerability affecting Pulse Connect Secure SSL VPN installations CVE-2018-13379, a path traversal flaw in the FortiOS SSL VPN web portal.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/2_Favms--PY/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-06-04 CVE-2018-13379 Path Traversal vulnerability in Fortinet Fortios and Fortiproxy
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
network
low complexity
fortinet CWE-22
critical
9.8
2019-05-08 CVE-2019-11510 Path Traversal vulnerability in Ivanti Connect Secure 8.2/8.3/9.0
In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .
network
low complexity
ivanti CWE-22
critical
10.0
2019-04-09 CVE-2019-1573 Missing Encryption of Sensitive Data vulnerability in Paloaltonetworks Globalprotect 4.1.0/4.1.10
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.
local
high complexity
paloaltonetworks CWE-311
2.5