Email this Article Email   

CHIPS Articles: NSA Cybersecurity Advisory: Mitigating VPN Vulnerabilities

NSA Cybersecurity Advisory: Mitigating VPN Vulnerabilities
By NSA News - October 8, 2019
FORT MEADE, Md. — While actively defending our National Security Systems, NSA identifies vulnerabilities that could leave systems compromised. In response, NSA develops and issues Cybersecurity Advisories, Information sheets, Technical Reports, and Operational Risk Notices. NSA recommends users regularly review and take action based on these publications, available on NSA.gov here.

Multiple Nation State Advanced Persistent Threat (APT) actors have weaponized CVE-2019-11510, CVE-2019-11539, and CVE-2018-13379 to gain access to vulnerable VPN devices. Network administrators should apply all available software updates, automate the process to the greatest extent possible, and use the update service provided directly from the vendor. See the latest Cybersecurity Advisory here for additional information.

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer