Pulse Secure Patches Critical Zero-Day Flaw

Pulse Secure Patches Critical Zero-Day Flaw

Pulse Secure has patched a critical zero-day vulnerability that was being exploited by multiple APT groups to target US defense companies, among other entities.

360 Mobile Vision - 360mobilevision.com North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - 360mobilevision.com is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

The security update fixes CVE-2021-22893, a critical authentication bypass vulnerability in the Pulse Connect Secure VPN product which has a CVSS score of 10.0.

It was being exploited in combination with bugs from 2019 and 2020, patched by the vendor but not applied by some organizations, to bypass multi-factor authentication on the product. This allowed attackers to deploy webshells for persistence and perform surveillance activities.

Mandiant said at the time that it had tracked 12 malware families to the exploitation of the vulnerability, and at least one state-sponsored attack group, APT5.

Reports of these attacks first started to appear around two weeks ago, with both the US Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) issuing warnings to organizations.

Phil Richards, CSO or Pulse Secure’s parent company Ivanti, argued that the firm was making “significant investments” to improve its security posture, including enhancements to its application development processes.

“The Pulse Secure team has worked closely with CISA as well as leading forensic experts and industry groups, including Mandiant/FireEye and Stroz Friedberg, among others, to investigate and respond quickly to malicious activity that was identified on a very limited number of customer systems,” he added.

“The Pulse team took swift action to provide mitigations directly to the limited number of impacted customers that remediates the risk to their system, and we are pleased to be able to deliver a security patch in such short order to address the vulnerability.”

Richards also encouraged Pulse Secure customers to take advantage of an integrity checker tool to see if they’ve been impacted by the threat.

By admin