Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Funding/M&A

Over 4,000 Vulnerable Pulse Connect Secure Hosts Exposed to Internet

More than 4,000 internet-accessible Pulse Connect Secure hosts are impacted by at least one known vulnerability, attack surface management firm Censys warns.

More than 4,000 internet-accessible Pulse Connect Secure hosts are impacted by at least one known vulnerability, attack surface management firm Censys warns.

Touted as the most widely deployed SSL VPN solution, Pulse Connect Secure provides remote and mobile users with secure access to corporate resources. The VPN appliance is part of Ivanti’s portfolio, after it acquired Pulse Secure in 2020.

Pulse Secure appliances are known for being the target of choice for both cybercriminals and state-sponsored threat actors, and government agencies have issued multiple alerts to warn of continuous exploitation of unpatched vulnerabilities in these products.

Despite that, however, the number of vulnerable Pulse Connect Secure hosts remains high, Censys’ latest report shows: 4,460 out of 30,266 appliances exposed to the internet lack patches.

According to the report, roughly 3,500 of the vulnerable appliances are missing patches released in August 2021 to resolve six vulnerabilities, including a critical-severity file write bug that can be exploited to execute arbitrary code with root privileges.

Censys also discovered that over 1,800 of the vulnerable hosts have not been patched against three critical-severity issues that Pulse Secure resolved in May 2021, two weeks after warning that one of the flaws (CVE-2021-22893, CVSS score of 10) was being exploited in attacks.

The cybersecurity firm discovered hundreds of Pulse Connect Secure appliances still impacted by other critical vulnerabilities, including CVE-2018-5299 (CVSS score of 9.8), CVE-2018-6320 (CVSS score of 9.8), CVE-2019-11510 (CVSS score of 10), and CVE-2019-11540 (CVSS score of 9.8).

According to Censys, there are roughly 8,500 internet-accessible Pulse Connect Secure hosts in the US, 1,000 of which are impacted by a known vulnerability. Japan is in second place, with 3,000 hosts (700 vulnerable), followed by the UK and Germany with just over 1,700 hosts each (155 and 134 vulnerable ones, respectively).

Advertisement. Scroll to continue reading.

Related: CISA Details Additional Malware Targeting Pulse Secure Appliances

Related: Critical Code Execution Vulnerability Patched in Pulse Connect Secure

Related: Patching Pulse Secure VPN Not Enough to Keep Attackers Out, CISA Warns

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...