"Over 4,000 Vulnerable Pulse Connect Secure Hosts Exposed to Internet"
Security researchers at Censys have discovered that more than 4,000 internet-accessible Pulse Connect Secure hosts are impacted by at least one known vulnerability. Touted as the most widely deployed SSL VPN solution, Pulse Connect Secure provides remote and mobile users with secure access to corporate resources. The researchers stated that Pulse Secure appliances are known for being the target of choice for both cybercriminals and state-sponsored threat actors, and government agencies have issued multiple alerts to warn of continuous exploitation of unpatched vulnerabilities in these products. Despite that, however, the number of vulnerable Pulse Connect Secure hosts remains high. The researchers found that 4,460 out of 30,266 appliances exposed to the internet lack patches. According to the researchers, roughly 3,500 of the vulnerable appliances are missing patches released in August 2021 to resolve six vulnerabilities, including a critical-severity file write bug that can be exploited to execute arbitrary code with root privileges. The researchers also discovered that over 1,800 of the vulnerable hosts have not been patched against three critical-severity issues that Pulse Secure resolved in May 2021, two weeks after warning that one of the flaws (CVE-2021-22893, CVSS score of 10) was being exploited in attacks. The researchers discovered hundreds of Pulse Connect Secure appliances still impacted by other critical vulnerabilities, including CVE-2018-5299 (CVSS score of 9.8), CVE-2018-6320 (CVSS score of 9.8), CVE-2019-11510 (CVSS score of 10), and CVE-2019-11540 (CVSS score of 9.8). According to the researchers, there are roughly 8,500 internet-accessible Pulse Connect Secure hosts in the US, 1,000 of which are impacted by a known vulnerability. Japan is in second place, with 3,000 hosts (700 vulnerable), followed by the UK and Germany with just over 1,700 hosts each (155 and 134 vulnerable ones, respectively).
SecurityWeek reports: "Over 4,000 Vulnerable Pulse Connect Secure Hosts Exposed to Internet"