While VPNs provide privacy to users, security bugs in them can also put users' security at risk. Recently, a unit of the UK spy agency GCHQ issued alerts to users of various VPN brands about vulnerabilities. VPNs from Pulse Secure, Fortinet, and Palo Alto have these bugs under active exploitation.
The National Cyber Security Centre (NCSC) has issued a warning to users of numerous VPNs. The NCSC, which is a unit of the UK's spy agency Government Communications Headquarters (GCHQ), is alerting users to multiple VPN vulnerabilities exploited in the wild.
According to the advisory, these vulnerabilities allowed an attacker to retrieve arbitrary files and steal VPN login credentials. An attacker could then abuse the credentials to change VPN configuration settings or gain access to internal infrastructure. By exploiting these bugs, the attacker could also run secondary exploits to access a root shell.
While the NCSC noticed numerous bugs under exploitation, it highlighted six as having the most impact. Two of the bugs existed in Pulse Connect Secure, three in Fortinet, and one in Palo Alto.