Censys researchers pass of much than 4,000 susceptible Pulse Connect Secure hosts exposed to the Internet.
Pulse Connect Secure is a widely-deployed SSL VPN solution for distant and mobile users, for this reason, it is simply a people of attacks by aggregate menace actors.
Over the years, researchers disclosed respective terrible vulnerabilities successful the server software, successful April of 2021, CISA published a report warning of the exploitation of Pulse Connect unafraid flaws.
Now Censys researchers discovered that 4,460 Pulse Connect Secure hosts retired of 30,266 installs, which are exposed to the Internet, deficiency of information patches.
“In total, Censys has recovered 30,266 Pulse Connect Secure hosts moving connected the internet.” reads the post published by Censys. “One of the easiest ways to find these moving utilizing Censys is to hunt for a circumstantial URI that tin beryllium recovered successful the HTTP effect assemblage of a Pulse Connect Secure web service.
services.http.response.body: `/dana-na/`
Of those exposed, 4,460 hosts person been identified arsenic moving a bundle mentation vulnerable to 1 oregon much of the 7 information advisories we reviewed.”
Most of the susceptible hosts connected the Internet, 3,528 hosts, deficiency patches (SA44858) released successful August 2021 by the vendor to resoluteness the pursuing issues:
Censys besides discovered 1,841 susceptible hosts that are yet to beryllium patched against 4 issues (SA44784) addressed by the vendor successful April 2021:
Experts besides discovered 28 hosts exposed online that person yet to code a captious vulnerability, tracked arsenic CVE-2018-5299, that was disclosed successful aboriginal 2018 and addressed by the vendor with the merchandise of SA43604.
The study besides provides a Breakdown by Country (Top 20), the United States has the astir important full fig of Pulse Connect installations with 8,575 hosts, but lone 12% are missing information patches.
A worrisome script is represented by France, which has lone 1,422 Pulse Connect devices connected the Internet, but a small implicit 30% of them are moving a susceptible version.
Let maine suggest speechmaking the study which includes a batch of absorbing data.
Follow maine connected Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Pulse)
/cdn.vox-cdn.com/uploads/chorus_asset/file/24020034/226270_iPHONE_14_PHO_akrales_0595.jpg)
English (US)