Pulse Safe has mounted a zero-day vulnerability within the Pulse Join Safe (PCS) SSL VPN equipment that’s being actively exploited to compromise the inner networks of protection companies and govt businesses.
Final week, cybersecurity agency FireEye revealed that menace actors actively exploited the zero-day vulnerability, tracked as CVE-2021-22893, to deploy malware on Pulse Safe units to steal credentials and supply backdoor entry to compromised networks.
A day later, US Cybersecurity and Infrastructure Safety Company (CISA) issued an emergency directive ordering federal businesses to mitigate the vulnerability inside two days by disabling the Home windows File Share Browser and Pulse Safe Collaboration options.
Pulse Safe additionally launched the Pulse Connect Secure Integrity Tool to verify if hackers modified any recordsdata on their Pulse Safe home equipment.
Safety replace launched for CVE-2021-22893
At the moment, Pulse Safe has launched a safety replace for the CVE-2021-22893 vulnerability and recommends all customers instantly set up the patch.
“The Pulse group took swift motion to offer mitigations on to the restricted variety of impacted prospects that remediates the chance to their system, and we’re happy to have the ability to ship a safety patch in such brief order to handle the vulnerability.” – Pulse Secure.
Organizations operating Pulse Join Safe 9.0RX & 9.1RX ought to instantly update to Pulse Connect Secure 9.1R11.4, which fixes the vulnerability.
Earlier than putting in the replace, it’s suggested that organizations run the Pulse Safe Integrity Device first to find out if their units had been breached and to reply accordingly.
Pulse Safe warns that organizations upgrading from Pulse Join variations earlier than 9.1R8.x might encounter points within the browser VPN consumer due to an expired certificate.
Pulse Safe released an advisory last month that comprises directions on resolve this concern.