The Cybersecurity and Infrastructure Security Agency (CISA) is warning users of multiple vulnerabilities in Virtual Private Network (VPN) applications.
The vulnerabilities are in the Palo Alto Networks GlobalProtect portal and GlobalProtect Gateway interface products, the Fortinet FortiOS system product, and the Pulse Secure Pulse Connect Secure / Pulse Policy Secure products, and could allow threat actors to take control of an affected system, according to a July 26 US-CERT advisory.
The Palo Alto Networks flaw is a remote code execution vulnerability in the GlobalProtect portal and GlobalProtect Gateway interface that could allow an unauthenticated attacker to execute arbitrary code on the device.
The issue was fixed in earlier maintenance releases; it affects PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier, while PAN-OS 9.0 is not affected.
The Fortinet FortiOS flaw is an information disclosure vulnerability in the SSL VPN web portal that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.
Affected versions are FortiOS 5.6.3 through 5.6.7 and FortiOS 6.0.0 through 6.0.4, and only when the SSL VPN service (web-mode or tunnel-mode) is enabled. Users are encouraged to upgrade to FortiOS 5.6.8, 6.0.5 or 6.2.0; disabling SSL VPN removes the exposure but is a workaround, not a fix.
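Because both advisories describe exposure as a version range (plus, for FortiOS, a feature being enabled), the practical first step is triaging an inventory against those ranges. The following is an added example written for this article, not vendor code or part of the CISA advisory: it parses PAN-OS and FortiOS build strings (including PAN-OS hotfix suffixes such as "8.0.11-h1"), applies the affected ranges quoted above, and flags which devices in a constructed inventory need attention. The inventory entries and hostnames are made up for illustration.

```python
"""Triage helper for the PAN-OS GlobalProtect and FortiOS SSL VPN advisories.

Added example, not vendor code. The affected ranges below are the ones
quoted in the article; the inventory at the bottom is constructed sample data.
"""
import re
from typing import Dict, List, Tuple

Version = Tuple[int, int, int, int]  # (major, minor, patch, hotfix)

# Accepts "7.1", "7.1.18", "8.0.11-h1"; missing patch/hotfix default to 0.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-h(\d+))?$")


def parse_version(text: str) -> Version:
    """Parse 'major.minor[.patch][-hN]' into a comparable tuple.

    The hotfix number defaults to 0, so '8.0.11' sorts just below '8.0.11-h1',
    which is what '8.0.11-h1 and earlier' implies.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, hotfix = m.groups()
    return (int(major), int(minor), int(patch or 0), int(hotfix or 0))


# PAN-OS: per-release-train ceilings from the advisory ("X and earlier").
_PANOS_CEILINGS: Dict[Tuple[int, int], Version] = {
    (7, 1): parse_version("7.1.18"),
    (8, 0): parse_version("8.0.11-h1"),
    (8, 1): parse_version("8.1.2"),
}


def panos_globalprotect_affected(version: str) -> bool:
    """True if the PAN-OS build is inside an affected range.

    A build is compared against the ceiling of its own train (7.1, 8.0, 8.1).
    Anything older than the 7.1 train is also 'earlier than 7.1.18'; newer
    trains such as 9.0 are not affected.
    """
    v = parse_version(version)
    train = v[:2]
    if train in _PANOS_CEILINGS:
        return v <= _PANOS_CEILINGS[train]
    return v < _PANOS_CEILINGS[(7, 1)]


# FortiOS: inclusive affected windows; exposure also needs SSL VPN enabled.
_FORTIOS_WINDOWS: List[Tuple[Version, Version]] = [
    (parse_version("5.6.3"), parse_version("5.6.7")),
    (parse_version("6.0.0"), parse_version("6.0.4")),
]


def fortios_sslvpn_affected(version: str, ssl_vpn_enabled: bool) -> bool:
    """True if the FortiOS build is in an affected window AND SSL VPN is on.

    The flaw is only reachable through the SSL VPN web portal, so a device
    with the service disabled is not exposed even on a vulnerable build.
    """
    if not ssl_vpn_enabled:
        return False
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in _FORTIOS_WINDOWS)


def fortios_fix_target(version: str) -> str:
    """Recommended upgrade for a FortiOS train, per the advisory."""
    train = parse_version(version)[:2]
    return {(5, 6): "5.6.8", (6, 0): "6.0.5"}.get(train, "6.2.0")


def triage(inventory: List[Dict]) -> List[str]:
    """Return hostnames of devices that need patching, in inventory order."""
    flagged = []
    for dev in inventory:
        if dev["product"] == "PAN-OS":
            hit = panos_globalprotect_affected(dev["version"])
        elif dev["product"] == "FortiOS":
            hit = fortios_sslvpn_affected(dev["version"], dev.get("ssl_vpn", False))
        else:
            hit = False  # other products are out of scope for this helper
        if hit:
            flagged.append(dev["host"])
    return flagged


# Constructed sample inventory (hypothetical hosts, not real devices).
SAMPLE_INVENTORY = [
    {"host": "fw-edge-1", "product": "PAN-OS", "version": "8.0.11-h1"},
    {"host": "fw-edge-2", "product": "PAN-OS", "version": "8.1.3"},
    {"host": "fw-edge-3", "product": "PAN-OS", "version": "9.0.1"},
    {"host": "fgt-dc-1", "product": "FortiOS", "version": "6.0.4", "ssl_vpn": True},
    {"host": "fgt-dc-2", "product": "FortiOS", "version": "6.0.4", "ssl_vpn": False},
    {"host": "fgt-branch", "product": "FortiOS", "version": "5.6.8", "ssl_vpn": True},
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: in affected range, schedule upgrade")
```

The hotfix-aware comparison matters: a naive string or float comparison treats "8.0.11-h1" as unparsable or mis-orders it relative to "8.0.11", and would either miss or over-report that build. Treating a disabled SSL VPN as "not exposed" follows the advisory's own wording; the device still runs vulnerable code and should be upgraded before the service is ever re-enabled.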
Multiple vulnerabilities were discovered and resolved in the Pulse Secure Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) products, including an authentication bypass that allows an unauthenticated user to read arbitrary files from the Pulse Connect Secure gateway.
The vulnerabilities also include a remote code execution flaw that allows an authenticated administrator to execute arbitrary code on Pulse Connect Secure and Pulse Policy Secure gateways; chained with the unauthenticated file read, which can expose administrator credentials, this lets an attacker go from no access to full control of the gateway.