Vulnerability in Pulse Secure: Pulse Connect Secure (PCS)

Published: 27/08/2019

Reference:
Advisory #2019-020

Version:
1.0

Affected software:
Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4.

Type:
Arbitrary file reading vulnerability

CVE/CVSS:
CVE: CVE-2019-11510
CVE Score: 8.8 (CVSS 3.0), 6.5 (CVSS 2.0)

Sources

https://badpackets.net/over-14500-pulse-secure-vpn-endpoints-vulnerable-to-cve-2019-11510/

https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/

Risks

This arbitrary file reading vulnerability (CVE-2019-11510) discloses sensitive information: it enables unauthenticated attackers to access private keys and user passwords.

Description

Hackers are actively launching attacks that attempt to steal encryption keys, passwords, and other sensitive data from vulnerable Pulse Secure VPN servers. The vulnerability can be exploited by sending unpatched servers web requests that contain a special sequence of characters. This gives an attacker the ability to access private keys and user passwords.

Further exploitation using the leaked credentials can lead to remote command injection (CVE-2019-11539) and allow attackers to gain access inside the private VPN network.

Recommended Actions

CERT.be recommends that all system administrators upgrade their vulnerable Pulse Secure instances to version 9.1R1 or above.
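
To find which appliances in an inventory fall inside the ranges listed under "Affected software", the following added example (not part of the original advisory and not Pulse Secure or CERT.be code) parses PCS version strings and compares them branch by branch. The hostnames and sample inventory are constructed, and treating every branch older than 8.1 as affected is an assumed reading of "before 8.1R15.1".

```python
import re

# Fixed release per branch, from the "Affected software" line of the advisory:
# (major, minor) -> (R-number, sub-release); anything lower is affected.
FIXED = {(8, 1): (15, 1), (8, 2): (12, 1), (8, 3): (7, 1), (9, 0): (3, 4)}
OLDEST_LISTED = min(FIXED)  # (8, 1)

# PCS version strings look like "9.0R3.4" or "8.2R12" (sub-release optional).
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)R(\d+)(?:\.(\d+))?\s*$", re.IGNORECASE)


def parse_pcs_version(text):
    """Split '8.3R7.1' into ((8, 3), (7, 1)); raise ValueError if malformed."""
    m = VERSION_RE.match(text or "")
    if not m:
        raise ValueError(f"unrecognised PCS version: {text!r}")
    major, minor, rel, sub = (int(g) if g else 0 for g in m.groups())
    return (major, minor), (rel, sub)


def is_affected(text):
    """True if the version falls in a range the advisory lists as affected."""
    branch, release = parse_pcs_version(text)
    if branch in FIXED:
        return release < FIXED[branch]
    # Assumption: "before 8.1R15.1" also covers branches older than 8.1.
    # Branches the advisory does not list (e.g. 9.1) are reported as not affected.
    return branch < OLDEST_LISTED


def triage(inventory):
    """Map host -> 'affected' | 'not listed as affected' | 'unparsed'."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "not listed as affected"
        except ValueError:
            # Never treat an unreadable version as safe; flag it for manual review.
            result[host] = "unparsed"
    return result


# Constructed inventory (hostnames and versions are sample data, not from the advisory).
SAMPLE = {"vpn-a.example.test": "8.2R12", "vpn-b.example.test": "9.0R3.4",
          "vpn-c.example.test": "9.1R1", "vpn-d.example.test": "unknown"}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {SAMPLE[host]} -> {status}")
```

Hosts reported as "unparsed" need a manual version check rather than being assumed patched.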

References

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/