{"id":271830,"date":"2024-01-25T02:11:10","date_gmt":"2024-01-25T07:11:10","guid":{"rendered":"https:\/\/sftarticles.wpenginepowered.com\/es\/?p=325292"},"modified":"2025-07-01T17:10:00","modified_gmt":"2025-07-02T00:10:00","slug":"this-vpn-has-problems-attacked-by-hackers-and-issues-for-its-users","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/this-vpn-has-problems-attacked-by-hackers-and-issues-for-its-users\/","title":{"rendered":"This VPN has problems: attacked by hackers and issues for its users"},"content":{"rendered":"\n<p>A group of hackers that <strong>could work for the Chinese Government<\/strong> has exploited two serious vulnerabilities in <strong>Ivanti<\/strong> VPN devices to infect networks worldwide. These vulnerabilities would allow attackers to bypass two-factor authentication and execute malicious code on systems using <strong>Ivanti Connect Secure<\/strong>, a very popular <a href=\"https:\/\/en.softonic.com\/articles\/5-vpn-favorites-softonic-celebrate-international-day-vpn\" target=\"_blank\" rel=\"noopener\" title=\"\">VPN<\/a>.<\/p>\n\n\n<div class=\"sc-card-program\">\r\n  <div class=\"sc-card-program__body\">\r\n    <div class=\"sc-card-program__row clearfix\">\r\n      <div class=\"sc-card-program__col-logo\">\r\n        <img decoding=\"async\" class=\"sc-card-program__img\" alt=\"NordVPN\" src=\"https:\/\/images.sftcdn.net\/images\/t_app-icon-s\/p\/6edeb839-ad87-4a36-8a90-f8c37d491340\/3902757110\/nordvpn-icon.png\" width=\"100px\" height=\"100px\">\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-title\">\r\n        <span class=\"sc-card-program__title\">NordVPN<\/span>\r\n        <a class=\"sc-card-program__button sc-card-program-internal\" href=\"https:\/\/nordvpn.en.softonic.com\/\" target=\"_self\" rel=\"noopener noreferrer\">DOWNLOAD<\/a>\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-rating\">\r\n        <svg class=\"rating-score__content\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.1\" x=\"0\" y=\"0\" viewbox=\"0 0 50 50\" enable-background=\"new 0 0 50 50\" xml:space=\"preserve\"><path class=\"rating-score__background rating-score--good\" fill=\"none\" stroke-width=\"6\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><path class=\"rating-score__value rating-score__value--0\" fill=\"none\" stroke-width=\"6\" stroke-dashoffset=\"0\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><text class=\"rating-score__number\" content=\"\" text-anchor=\"middle\" transform=\"matrix(1 0 0 1 25 31.0837)\" data-auto=\"app-user-score\"><\/text><\/svg>\r\n      <\/div>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <span class=\"sc-card-program__description\"><\/span>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <img decoding=\"async\" class=\"sc-card-program__bigpic\" src=\"\" onerror=\"this.style.display='none'\">\r\n    <\/div>\r\n    <a class=\"sc-card-program__link track-link sc-card-program-internal\" href=\"https:\/\/nordvpn.en.softonic.com\/\" target=\"_self\" rel=\"noopener noreferrer\"><\/a>\r\n  <\/div>\r\n<\/div>\n\n\n\n<p>According to the security company <strong><a href=\"https:\/\/censys.com\/the-mass-exploitation-of-ivanti-connect-secure\/\" target=\"_blank\" rel=\"noopener nofollow\" title=\"\">Censys<\/a><\/strong>, <strong>at least 492 Ivanti VPN devices would be infected<\/strong>, out of a total of 26,000 that are connected to the Internet. The company claims that more than a quarter of the compromised devices are located in the United States.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/articles-img.sftcdn.net\/sft\/articles\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-1024x576.jpg\" alt=\"\" class=\"wp-image-271834\" srcset=\"https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-1024x576.jpg 1024w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-300x169.jpg 300w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-768x433.jpg 768w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-800x450.jpg 800w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-664x374.jpg 664w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-238x134.jpg 238w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-436x246.jpg 436w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-370x208.jpg 370w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-304x170.jpg 304w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1-150x84.jpg 150w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2024\/01\/Dia-Internacional-de-la-VPN-1024x576-1.jpg 1280w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n\n\n<p>Ivanti <strong>has not yet released patches to fix these vulnerabilities<\/strong>, known as <strong>CVE-2023-46805 and CVE-2024-21887<\/strong>. The company has published a mitigation and recovery guide that affected users are recommended to follow. The United States Cybersecurity and Infrastructure Security Agency has issued a <a href=\"https:\/\/www.cisa.gov\/news-events\/directives\/ed-24-01-mitigate-ivanti-connect-secure-and-ivanti-policy-secure-vulnerabilities\" target=\"_blank\" rel=\"noopener nofollow\" title=\"\">directive<\/a> that <strong>requires all civilian government agencies to take corrective actions<\/strong> to prevent the exploitation of these vulnerabilities.<\/p>\n\n\n<div class=\"sc-card-program\">\r\n  <div class=\"sc-card-program__body\">\r\n    <div class=\"sc-card-program__row clearfix\">\r\n      <div class=\"sc-card-program__col-logo\">\r\n        <img decoding=\"async\" class=\"sc-card-program__img\" alt=\"NordVPN\" src=\"https:\/\/images.sftcdn.net\/images\/t_app-icon-s\/p\/6edeb839-ad87-4a36-8a90-f8c37d491340\/3902757110\/nordvpn-icon.png\" width=\"100px\" height=\"100px\">\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-title\">\r\n        <span class=\"sc-card-program__title\">NordVPN<\/span>\r\n        <a class=\"sc-card-program__button sc-card-program-internal\" href=\"https:\/\/nordvpn.en.softonic.com\/\" target=\"_self\" rel=\"noopener noreferrer\">DOWNLOAD<\/a>\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-rating\">\r\n        <svg class=\"rating-score__content\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.1\" x=\"0\" y=\"0\" viewbox=\"0 0 50 50\" enable-background=\"new 0 0 50 50\" xml:space=\"preserve\"><path class=\"rating-score__background rating-score--good\" fill=\"none\" stroke-width=\"6\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><path class=\"rating-score__value rating-score__value--0\" fill=\"none\" stroke-width=\"6\" stroke-dashoffset=\"0\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><text class=\"rating-score__number\" content=\"\" text-anchor=\"middle\" transform=\"matrix(1 0 0 1 25 31.0837)\" data-auto=\"app-user-score\"><\/text><\/svg>\r\n      <\/div>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <span class=\"sc-card-program__description\"><\/span>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <img decoding=\"async\" class=\"sc-card-program__bigpic\" src=\"\" onerror=\"this.style.display='none'\">\r\n    <\/div>\r\n    <a class=\"sc-card-program__link track-link sc-card-program-internal\" href=\"https:\/\/nordvpn.en.softonic.com\/\" target=\"_self\" rel=\"noopener noreferrer\"><\/a>\r\n  <\/div>\r\n<\/div>\n\n\n\n<p>Thanks to these vulnerabilities, hackers could steal data, modify files, download remote files, and create reverse tunnels from VPN devices, as detailed by Censys. They could also <strong>capture user credentials<\/strong> who connect to the VPN.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A group of hackers that could work for the Chinese Government has exploited two serious vulnerabilities in Ivanti VPN devices to infect networks worldwide. These vulnerabilities would allow attackers to bypass two-factor authentication and execute malicious code on systems using Ivanti Connect Secure, a very popular VPN. According to the security company Censys, at least &hellip; <a href=\"https:\/\/cms-articles.softonic.io\/en\/this-vpn-has-problems-attacked-by-hackers-and-issues-for-its-users\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;This VPN has problems: attacked by hackers and issues for its users&#8221;<\/span><\/a><\/p>\n","protected":false},"author":9256,"featured_media":271832,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":8},"categories":[1015],"tags":[],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-271830","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/271830","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9256"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=271830"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/271830\/revisions"}],"predecessor-version":[{"id":315080,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/271830\/revisions\/315080"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/271832"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=271830"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=271830"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=271830"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=271830"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=271830"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=271830"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}