On Privilege Escalation Flaw Found In Forcepoint VPN

privilege escalation vulnerability discovered in Forcepoint VPN Client for Windowsdiscovered by Security Researcher Peleg Hadar of SafeBreach Labs can be used by attackers to evade detection and achieve persistence.


EXPERTS COMMENTS
Justin Jett, Director of Audit and Compliance ,  Plixer
September 23, 2019
By having a baseline of normal user behavior, organizations can understand how compromised machines have taken data off the network.
Software vulnerabilities, like the one found in Forcepoint VPN Client for Windows, can mean real problems for organizations. Once a hacker has exploited the vulnerability, they gain significant power over the end-user’s system. While it is not clear if the vulnerability also gives access to corporate resources, businesses should be certain to have access to network traffic analysis to understand how machines across the network are behaving. By having a baseline of normal user behavior, organizations can understand how compromised machines have taken data off the network or compromised other systems. For organizations with Forcepoint VPN Clients, it is important to update the software to the latest release and to monitor devices with the compromised client. By looking at their network traffic patterns, it will be easy to spot the exploited devices.

Join the Conversation

Join the Conversation


In this article