By: Wade Whittle
In case you missed it, recently it was announced that 3 vendors have a significant vulnerability in their VPN applications and are strongly recommending that everyone upgrade to newer versions. These vulnerabilities could allow bad actors to take remote control of the device of the unpatched system. Each vendor had previously released the necessary patches and notified all of their known clients of the issue through email. We are all too aware that these alert emails will sometimes be classified as marketing, or just plain missed in the onslaught of emails we receive on a daily basis. It is important, if you have any of these products, that you verify the version you are running and that you are patched appropriately.
Palo Alto Networks (CVE-2019-1579)
As listed in the Security Advisory PAN-SA-2019-00200 published on July 24th, there was a remote execution vulnerability in the GlobalProtect Gateway and Portal. PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier releases. PAN-OS 9.0 is not affected.
It is important that you are running the following versions: PAN-OS 7.1.19 and later, PAN-OS 8.0.12 and later, and PAN-OS 8.1.3 and later releases.
If you are unable to upgrade to the patched versions we recommend that you have threat prevention running and updated to at least version 8173 or disable GlobalProtect.
Pulse Secure ( CVE-2019-11540)
On April 24th Pulse secure published Security advisory SA44101 resolving multiple vulnerabilities, including the remote execution vulnerability. They are recommending that everyone upgrade to Pulse Connect Secure versions 9.0RX or 8.3RX, or Pulse Policy Secure 9.0RX or 5.4RX.
On May 24th Fortinet posted Security Alert, FG-IR-18-384, notifying their users that were using the SSL-VPN feature that there was a vulnerability to allow bad actors to download critical FortiOS files. They recommended that their users upgrade to FortiOS 5.6.8, 6.0.5 or 6.2.0 or disable the SSL-VPN service until they can upgrade. The affected versions FortiOS 5.6.3 to 5.6.7 and FortiOS 6.0.0 to 6.0.4.
Wade Whittle has been a Cybersecurity practitioner for over 20 years, consulting for organizations from large multinationals to state and local governments. In his spare time, Wade is a volunteer firefighter.
If you are unsure of your vulnerabilities, or would like help in managing these or any upgrades, please reach out to us. Contact Sales@fcltd.net or call 817-510-1100.