April 26, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Mastercard Reports Data Breach
August 26, 2019Rewterz Threat Advisory – Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities
August 27, 2019Rewterz Threat Alert – Mastercard Reports Data Breach
August 26, 2019Rewterz Threat Advisory – Cisco IOS and IOS XE Software Network-Based Application Recognition Denial of Service Vulnerabilities
August 27, 2019
Severity
High
Analysis Summary
Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure SSL VPN and Fortigate SSL VPN installations.
Attackers have been scanning for and targeting two vulnerabilities:
CVE-2019-11510, an arbitrary file reading vulnerability in Pulse Connect Secure
CVE-2018-13379, a path traversal flaw in the FortiOS SSL VPN web portal.
Both vulnerabilities can be exploited remotely by sending a specially crafted HTTPS request, don’t require authentication, and allow attackers to download files/extract sensitive information from the vulnerable servers.
Impact
- Credential theft
- Exposure of sensitive information
Affected Vendors
- Pulse Connect
- Fortigate
Affected Products
SSL VPN
Remediation
It is advised to update the vulnerable Pulse Connect Secure SSL VPN and Fortigate SSL VPN installations as soon as possible.