19 April 2021

NSA, CISA and FBI expose 5 security vulnerabilities exploited by nation-state hackers



The U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) released a joint advisory warning that Russia-linked hackers are exploiting five known vulnerabilities in popular enterprise equipment to gain access to corporate networks.

“Mitigation against these vulnerabilities is critically important as U.S. and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors,” the three agencies said. “NSA, CISA, and FBI strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations.”

The five vulnerabilities shared by the NSA, CISA, and FBI are as follows:

CVE-2018-13379 Fortinet FortiGate VPN - a path traversal issue in the FortiOS SSL VPN web portal. The vulnerability allows a remote attacker to perform directory traversal attacks.

CVE-2019-9670 Synacor Zimbra Collaboration Suite - an XML External Entity injection issue in Zimbra Collaboration Suite that allows a remote attacker to gain access to sensitive information.

CVE-2019-11510 Pulse Secure Pulse Connect Secure VPN - a path traversal issue in Pulse Connect Secure that allows a remote hacker to read arbitrary files on the system.

CVE-2019-19781 Citrix Application Delivery Controller and Gateway - a path traversal and remote code execution issue in Citrix ADC and Gateway that allows a remote attacker to perform directory traversal attacks.

CVE-2020-4006 VMware Workspace ONE Access - a remote code execution issue in VMware products.
