![]() The vulnerability being exploited is CVE-2019-11510, which allows a remote unauthenticated attacker to send specially crafted requests that allow read access of arbitrary files on the Pulse Secure VPN. What has not been widely covered, but should come as no surprise, is that APT actors have been actively exploiting these vulnerabilities in order to gain access to targeted networks. The details of multiple, critical Pulse Secure SSL VPN vulnerabilities are well known they were disclosed in detail by two security researchers as part of a talk at Black Hat USA 2019 on August 7, 2019.
0 Comments
Leave a Reply. |