VPN provider Pulse Secure on Monday advised customers to immediately apply a security patch. The company released the patch last April to address a critical, remotely exploitable flaw in some versions of its products.
Tracked as CVE-2019-1150, the flaw is being used to deliver ransomware on enterprise systems, erase data backups, and disable endpoint security tools.
Among those believed to be affected in the ongoing campaign is travel insurance and currency exchange provider Travelex, which suffered a major service disruption this week after a reported ransomware attack on its systems on New Year’s Eve.
The attack, which involved ransomware known as REvil (Sodinokibi), forced the company to take all of its systems offline and to fall back on manual operations at branches all over the globe.
Travelex did not immediately respond to a Dark Reading request seeking an update on the incident.
UK security researcher Kevin said at least two organizations have so far been affected by recent attacks targeting the Pulse Secure VPN flaw.
“Pulse Secure publicly provided a patch fix on April 24, 2019 that should be immediately applied to the Pulse Connect Secure [VPN],” says Scott Gordon, chief marketing officer at Pulse Secure. “Do not delay as the CVE-2019-1150 vulnerability is highly critical,” he warns.
The flaw, present in numerous versions of Pulse Connect Secure and Pulse Policy Secure, lets remote attackers connect via HTTPS to an enterprise network without any valid username or password.
The vulnerability is one of numerous flaws disclosed last year in VPN products from Pulse Secure, Palo Alto Networks, and Fortinet. Flaws like these are considered particularly dangerous because they exist in the products that companies rely on for defense against cyber threats. Pulse Secure and many others have repeatedly advised organizations with vulnerable systems to apply the patch as soon as possible.