Vulnerability in Multiple VPN Applications

The National Cybersecurity and Communications Integration Center (NCCIC) has issued an advisory regarding the recent release of information on a vulnerability affecting multiple Virtual Private Network (VPN) applications, which are used to create secure connections with another network over the Internet. The CERT Coordination Center at Carnegie Mellon University was the first to publish an advisory on the vulnerability, which identifies the root of the problem as the applications storing authentication and/or cookies insecurely in memory and/or file logs. According to the CERT Coordination Center, if attackers have persistent access to a VPN user’s endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods. Attackers would then have access to the same applications that the user does through their VPN session. The advisory identifies the VPN applications affected by the vulnerability and the status of product updates. Read the advisory at the CERT Coordination Center.