Security firm Ivanti says it has fixed a zero-day vulnerability in its Pulse Connect Secure (opens in new tab) (PCS) VPN (opens in new tab) appliance that was being actively exploited to compromise the internal networks of defense firms and government agencies.
A recent investigation (opens in new tab) carried out by the Cybersecurity and Infrastructure Security Agency (CISA (opens in new tab)) revealed that a zero-day vulnerability in PCS could have allowed cybercriminals to breach at least five US federal agencies.
According to cybersecurity (opens in new tab) firm FireEye (opens in new tab), the vulnerability, tracked as CVE-2021-22893, enabled threat actors to deploy malware on PCS devices in order to steal credentials and provide backdoor access to any compromised network.
- We've assembled a list of the best endpoint protection (opens in new tab) software
- These are the best firewalls (opens in new tab) on the market
- Also check out our roundup of the best disaster recovery (opens in new tab) services
FireEye has attributed the cyberattacks to hackers believed to be based in China.
Under constant threat
Ivanti responded by first releasing the Pulse Connect Secure Integrity Tool (opens in new tab) to enable users to check if hackers had modified any files on their Pulse Secure appliances.
They followed it up now by patching the vulnerability altogether with the help of CISA, FireEye and other cyber security experts.
“The Pulse team took swift action to provide mitigations directly to the limited number of impacted customers that remediates the risk to their system, and we are pleased to be able to deliver a security patch in such short order to address the vulnerability,” said Phil Richards, Chief Information Security Officer at Ivanti.
In light of the attack, Richards added that the company is making “significant investments” to enhance their overall cyber security posture, including a broader implementation of secure application development standards.
- We’ve built a list of the best business VPN (opens in new tab) solutions on the market
Via BleepingComputer (opens in new tab)