The Latest in IT Security

Pulse Secure VPNs Get a Fix for Critical Zero-Day Bugs

Pulse Secure VPNs Get a Fix for Critical Zero-Day Bugs

image credit: freepik

Pulse Secure has rushed a fix for a critical zero-day security vulnerability in its Connect Secure VPN devices, which has been exploited by nation-state actors to launch cyberattacks against U.S. defense, finance and government targets, as well as victims in Europe.

Pulse Secure also patched three other security bugs, two of them also critical RCE vulnerabilities.

The zero-day flaw, tracked as CVE-2021-22893, was first disclosed on April 20 and carries the highest possible CVSS severity score, 10 out of 10. An exploit allows remote code-execution (RCE) and two-factor authentication bypass. The bug is being used in the wild to gain administrator-level access to the appliances, according to research from Pulse Secure’s parent company, Ivanti.

Read More

Comments are closed.


MONDAY, MAY 23, 2022

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments