Attackers are Targeting Vulnerable Fortigate and Pulse Secure SSL VPNs

September 2, 2019 Published in: News Author: Vedran Bozicevic

Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure SSL VPN and Fortigate SSL VPN installations.

Attackers have been scanning for and targeting two vulnerabilities:

  • CVE-2019-11510, an arbitrary file reading vulnerability in Pulse Connect Secure
  • CVE-2018-13379, a path traversal flaw in the FortiOS SSL VPN web portal.

Both vulnerabilities can be exploited remotely by sending a specially crafted HTTPS request, don’t require authentication, and allow attackers to download files/extract sensitive information from the vulnerable servers.

Fixes exist for both: Pulse Secure released them in April and Fortinet in May, months before Devcore researchers Meh Chang and Orange Tsai shared their discovery with the audience at Black Hat USA 2019.

The researchers also released technical details and PoC exploit code for the Fortigate flaw earlier this month and plan to do the same for the Pulse Secure one soon.

cloud attack vectors

Read more: Help Net Security

Vedran Bozicevic

I am a digital marketer with several years of experience with various types of online marketing technologies and channels. Before joining GlobalDots, my experience included working as a content marketing manager for a software development company, and several others marketing positions where I worked on digital marketing strategies and channels.

Our Story

GlobalDots helps companies to evaluate, purchase, and integrate cloud services by acting as a neutral consultancy layer between vendors and customers with a keen focus on optimizing performance, workflows, and costs.

We're in the unique position to orchestrate full-stack, multi-vendor architectures such as multi-CDN, CDN+WAF+AWS, CDN+Mobile App optimization, dual-DNS, and other interesting setups.

Bad Bot Report 2019

Learn everything you need to know about Bad Bot threats by downloading your FREE copy of Bad Bot Report 2019.

CDN Buyer’s Guide

Find out the most important tips&tricks before selecting your next CDN provider in this FREE guide.

Modern Web Security Guide

Find out all the specifics about web threats by downloading our FREE Field Guide to Modern Web Security.