December 5, 2019

Infosecurity Magazine: Vulnerabilities Discovered in VPN Used by NASA

Heading 1

Heading 2

Heading 3

Heading 4

Heading 5
Heading 6

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

Block quote

Ordered list

  1. Item 1
  2. Item 2
  3. Item 3

Unordered list

  • Item A
  • Item B
  • Item C

Text link

Bold text

Emphasis

Superscript

Subscript

This is some text inside of a div block.
This is some text inside of a div block.
Contributors
Share

A virtual private network (VPN) used by NASA, Shell, and BT has been found to have multiple vulnerabilities. 

Weaknesses in the Aviatrix VPN were detected by Immersive Labs researcher and content engineer Alex Seymour on October 7, 2019. 

The multiple local privilege escalation vulnerabilities Seymour discovered would have allowed an attacker who already had access to a machine to escalate privileges and achieve anything they wanted. With the extra level of privileges, the attacker would have been able to dive into files, folders, and network services that the user would not previously have been able to access.

Trusted by top companies worldwide
to enhance cybersecurity

What Our Customers
Are Saying About Immersive

Realistic simulation of current threats is the only way to test and improve response readiness, and to ensure that the impact of a real attack is minimized. Immersive’s innovative platform, combined with Kroll’s extensive experience, provides the closest thing to replication of a real incident — all within a safe virtual environment.

Paul Jackson
Regional Managing Director, APAC Cyber Risk, Kroll

The speed at which Immersive produces technical content is hugely impressive, and this turnaround has helped get our teams ahead of the curve, giving them hands-on experience with serious vulnerabilities, in a secure environment, as soon as they emerge.

TJ Campana
Head of Global Cybersecurity Operations, HSBC

We no longer worry about managing infrastructure, leaving us free to build great courses.

Daniel Duggan
Director, Zero-Point Security

Ready to Get Started?
Get a Live Demo.

Simply complete the form to schedule time with an expert that works best for your calendar.