The CERT Coordination Center released an alert that several leading enterprise VPNs insecurely store session cookies insecurely in memory.
An attacker could exploit this vulnerability to take control of the company’s internal network.
Virtual Private Network (VPNs) are used to create a secure connection with another network over the internet.
The vulnerability found in the leading enterprise VPN apps that includes Cisco, Palo Alto Networks, Pulse Secure, and F5 Networks.
To keep the user session active the VPN apps generate token’s based on the user’s password and store in the computer to avoid having them to re-enter the password again.
But if the attacker gains persistent access to a VPN user’s endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods.
An attacker would then have access to the same applications that the user does through their VPN session,” reads US-CERT advisory.
Out of the 4 affected apps, F5 Networks and Palo Alto Networks released a security update. With F5 the vulnerability is fixed in version 12.1.3 and 13.1.0 onwards. Palo Alto Networks GlobalProtect version 4.1.1 patches this vulnerability.
This vulnerability can be tracked as CVE-2019-1573, Checkpoint and pfsense apps are not affected with the vulnerability, for more than 200 vendors still, the result is unknown.
Related Read
Cloudflare Launched Warp – A New Free VPN Service for iOS and Android Users
OpenVPN – Google Cloud Allowing Remote users to Connect to Your Corporate Network & Apps over VPN
Google has released several security patches for its Chrome browser, addressing critical vulnerabilities that malicious…
Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting 693,635…
A database containing over 1,000 email accounts associated with the National Health Service (NHS) has…
Researchers from Avast have uncovered a vulnerability in the cryptographic schema of the Mallox ransomware,…
A recently discovered vulnerability in Red Hat's NetworkManager, CVE-2024-8260, has raised concerns in the cybersecurity…
Tor Browser 14.0 has been officially launched. It brings significant updates and new features to…