Security News > 2021 > May > Pulse Secure VPNs Get Quick Fix for Critical RCE

Pulse Secure has issued a workaround for a critical remote-code execution vulnerability in its Pulse Connect Secure VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges.

May: Earlier this month, a critical zero-day flaw in Pulse Secure's Connect Secure VPN devices was being used by at least two advanced persistent threat groups, likely linked to China, to attack U.S. defense, finance and government targets, as well as victims in Europe.

That one wasn't a one-off: At the same time, Pulse Secure also patched three other security bugs, two of them also critical RCE vulnerabilities.

CISA told CNN that it was aware of at least five federal civilian agencies who were attacked through Pulse Secure VPNs. April: The FBI warned that a known arbitrary file-read Pulse Secure bug was part of five vulnerabilities under attack by the Russia-linked group known as APT29.

April: The Department of Homeland Security urged companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, because in many cases, attackers have already exploited CVE-2019-11510 to hoover up victims' credentials - and now are using those credentials to move laterally through organizations, DHS warned.

052521 13:35 UPDATE: Threatpost has requested details from Pulse Secure about whether a permanent fix is in the works.

News URL

https://threatpost.com/pulse-secure-vpns-critical-rce/166437/