Tag
#vpn
9 posts tagged #vpn.
-
Analysis · Jun 4, 2026 · Colten Anderson
The GlobalProtect bypass deadline already passed, but you might not be affected
CVE-2026-0257 is a GlobalProtect auth bypass with a KEV deadline that's come and gone. Whether it touches you comes down to a 60-second config check, not your PAN-OS version.
-
Analysis · May 25, 2026 · Colten Anderson
SonicWall patched CVE-2024-12802 and left the bug in place on Gen6
The firmware update closes the code path but does not rewrite the LDAP config the exploit actually uses. On Gen6, that distinction is the whole vulnerability.
-
Analysis · May 20, 2026 · Colten Anderson
They read one file off the VPN gateway and left with your whole Active Directory
CVE-2024-24919 is filed as 'information disclosure.' On a Check Point gateway that meant unauthenticated file read, which meant password hashes, which meant ntds.dit within hours. It was a zero-day for a month before disclosure, and patching it doesn't undo the theft.
-
Analysis · May 20, 2026 · Colten Anderson
A 2020 bug leaked VPN passwords. The orgs that survived had MFA.
CVE-2020-3259 lets an unauthenticated attacker read Cisco ASA memory, sometimes including VPN credentials in cleartext. Akira ransomware used it for initial access years after the patch. The control that turned a leaked password into a non-event was multi-factor authentication.
-
Analysis · May 20, 2026 · Colten Anderson
The unlocked side door on your Cisco VPN was the default group nobody configured
CVE-2023-20269 let attackers brute-force Cisco ASA VPN credentials and establish unauthorized sessions, both by abusing default connection profiles that ship enabled. Akira and LockBit used it for initial access. The fix is patching plus hardening the defaults you never touched.
-
Analysis · May 20, 2026 · Colten Anderson
Palo Alto GlobalProtect CVE-2019-1579: another VPN gateway, another pre-auth RCE
CVE-2019-1579 was a pre-authentication remote code execution in Palo Alto's GlobalProtect SSL-VPN. It's one more entry in the longest-running story in this catalog: the SSL-VPN gateway as a perennial, pre-auth-RCE-prone perimeter target.
-
Analysis · May 20, 2026 · Colten Anderson
2021 was open season on SonicWall's appliances, remote access and email alike
In 2021, SonicWall's SMA/SRA remote-access appliances and its Email Security product were both hit by zero-day exploitation, by ransomware crews and APTs. Seven of those CVEs are in the catalog, several used before patches existed.
-
Analysis · May 20, 2026 · Colten Anderson
Akira's favorite front door is a SonicWall SSL-VPN, and it's fast
Three SonicWall bugs, CVE-2024-40766, CVE-2024-53704, and CVE-2025-23006, feed the same outcome: Akira ransomware through the SSL-VPN. In one campaign, the time from SonicWall access to encrypted files was 55 minutes. Several of these bugs walk past MFA.
-
Analysis · Apr 28, 2026 · Colten Anderson
What patching looks like when you support the whole mess: endpoints, M365, identity, browsers, VPN, and line-of-business tools
Patching isn't Windows Updates anymore. A tour of the six surfaces a real shop patches every week.