Recently disclosed vulnerabilities affecting enterprise virtual private network (VPN) products from Fortinet and Pulse Secure have been exploited in the wild, a researcher reported on Thursday.
Researcher Kevin Beaumont said he spotted attempts to exploit the flaws via BinaryEdge. The targeted security holes are CVE-2018-13379, a high-risk path traversal vulnerability in the FortiOS SSL VPN web portal, and CVE-2019-11510, a critical arbitrary file read vulnerability in Pulse Connect Secure.
Both vulnerabilities allow remote, unauthenticated attackers to access arbitrary files on the targeted systems.
Details of the flaws were first disclosed in July by Orange Tsai and Meh Chang of the research team at security consulting firm DEVCORE. The duo discovered many serious vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure products, and warned that they could be exploited by attackers to infiltrate corporate networks, obtain sensitive information, and eavesdrop on communications.
The researchers also discussed their findings at the Black Hat and DEFCON conferences earlier this month. Several proof-of-concept (PoC) exploits were made public after their presentations.
In Pulse Secure products, the experts found a total of 7 vulnerabilities, including ones that could be combined to achieve remote code execution. Five security holes were found in the FortiGate SSL VPN, including two that could be chained for remote code execution.
The impacted vendors released patches and advisories before the details of the vulnerabilities were made public.
According to Beaumont, ..
Support the originator by clicking the read the rest link below.
