Multiple Vulnerabilities in Pulse Secure VPN

Original release date: October 16, 2019

The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities affecting Pulse Secure Virtual Private Network (VPN). An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been targeted by advanced persistent threat (APT) actors.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources for more information and to apply the necessary updates:

CERT/CC Vulnerability Note VU#927237 Multiple Vulnerabilities in Pulse Secure VPN
Pulse Secure Security Advisory SA44101 Out-of-Cycle Advisory: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX
National Security Agency (NSA) Cybersecurity Advisory Mitigating Recent VPN Vulnerabilities
CISA Current Activity Vulnerabilities in Multiple VPN Applications

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin