2 Robert Speck Parkway, Suite 298 Mississauga ON
+1 888 366 4443
info@gige.ca

Newly Discovered Vulnerabilities Raise Concern over Security of VPN

IT Services & IT Solutions Mississauga & Toronto

Newly Discovered Vulnerabilities Raise Concern over Security of VPN

   Blog Posts IT Security IT Services Network Security    December 10, 2019 |  0
new virtual private network vulnerabilities

VPNs, or Virtual Private Networks, is a secure connection between computers over the internet. It allows for data to be transferred among computers in a more secure environment than over a public network. Alex Seymour, a cybersecurity researcher at Immersive Labs, recently discovered two new VPN vulnerabilities in Aviatrix VPN: a VPN service used by enterprises such as NASA.

Seymour notes that the two vulnerabilities, named CVE-2019-17387 and CVE-2019-17388 should serve as “a wakeup call for the industry”, as VPNs are often regarded as a highly secure aspect of security solutions.

 

How dangerous are the vulnerabilities?

CVE-2019-17387 affects the operating systems Windows, Linux, and macOS. The exploit allows for cyberattackers to execute arbitrary code with elevated access. It does this by exploiting the certificate validation process that Aviatrix uses to legitimize users. By gaining access to this, sit can recreate certificates and execute code.

CVE-2019-17388 affects Windows and Linux. Seymoure discovered that on Linux operating systems, file modification privileges are weak and allow for elevated code modifications. Meanwhile on Windows systems, it was discovered that legitimate services could be replaced by malicious processes.

While the two VPN vulnerabilities described above only pertain to the Aviatrix VPN, Breakpointing Bad and the University of New Mexico have recently released information a vulnerability that allows cyberattackers to breach any VPN connection. They described the process as follows: First an attacker identifies the IP address of the VPN target. Then, the IP is used to determine the status of active connections. Finally, access the TCP session using unsolicited packets sent to the connection.

In addition to releasing information on the method of attack, the researchers also released notes on some a common method of protection: reverse path filtering Significantly, they noted that turning reverse path filtering may not be enough to prevent a VPN hijack due to the fact that the first two stages can still be successfully carried out

Don’t leave yourself unprotected against VPN exploits. Call GIGE IT Solutions at +1 888 366 4443 or info@gige.ca for more information on how to protect yourself.

 

Cloud Solutions
IT Services
IT Solutions
Hours & Info
2 Robert Speck Parkway, Suite 298, Mississauga, ON L4Z 1H8
(888) 366-4443
info@gige.ca
Mon to Fri 8:30AM-5PM
Weekends Closed

Managed IT Services

Backup Process Engineering

Telephony

IT Support Help Desk

E-mail and Remote Connection

IT Infrastructure

Security IT Services

Data Storage Management

Server OS Update

Locations

Aurora

Brampton

Hamilton

Markham

Milton

Mississauga

Newmarket

Richmond Hill

Scarborough

Toronto

Vaughan

Navigation

Home

About Our IT Support

Cloud Solutions

Managed IT Services

IT Solutions

 

©  2022 GIGE IT Solutions: IT Services Mississauga. Built using WordPress and the Mesmerize Theme

%d bloggers like this: