Vulnerability in multiple enterprise VPN apps

Filip Pokorný

April 15, 2019

Multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. If an attacker has persistent access to a VPN user's endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods. An attacker would then have access to the same applications that the user does through their VPN session.
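A defender-side check for the log-file case described above, as an added example that is not part of the original advisory: it scans log text for `Cookie`/`Set-Cookie` headers carrying long, high-entropy values, reports them redacted, and produces a scrubbed copy. The cookie names, log format and length/entropy thresholds are assumptions, and the sample lines are constructed.

```python
import math
import re
from collections import Counter

# Cookie / Set-Cookie headers as they might appear in a client debug log (assumed format).
HEADER_RE = re.compile(r"\b(?:set-)?cookie:\s*(?P<pairs>[^\r\n]+)", re.IGNORECASE)
PAIR_RE = re.compile(r"(?P<name>[A-Za-z0-9_.-]+)=(?P<value>[^;\s]+)")

# Constructed sample log; cookie names and values are hypothetical.
SAMPLE_LOG = """\
2019-04-15 10:02:11 DEBUG http: GET /portal HTTP/1.1
2019-04-15 10:02:11 DEBUG http: Cookie: EXAMPLESESSID=9f3c1a7be24d4c0f8a6b5d2e7c1f0a93; lang=en
2019-04-15 10:02:12 INFO  tunnel established
2019-04-15 10:02:12 DEBUG http: Set-Cookie: EXAMPLEAUTH=Zm9vYmFyYmF6cXV4MTIzNDU2Nzg5MA; Path=/; Secure
"""

def shannon_entropy(s):
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def looks_like_session_token(value, min_len=16, min_entropy=3.0):
    # Assumed heuristic: session cookies are long and random-looking.
    return len(value) >= min_len and shannon_entropy(value) >= min_entropy

def redact(value, keep=4):
    return value[:keep] + "*" * (len(value) - keep)

def audit_log(text):
    """Return (line number, cookie name, redacted value) for each logged token."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        header = HEADER_RE.search(line)
        if not header:
            continue
        for pair in PAIR_RE.finditer(header.group("pairs")):
            if looks_like_session_token(pair.group("value")):
                findings.append((lineno, pair.group("name"), redact(pair.group("value"))))
    return findings

def scrub_log(text):
    """Return the log with token-like cookie values redacted in place."""
    def fix_pair(m):
        v = m.group("value")
        return f"{m.group('name')}={redact(v)}" if looks_like_session_token(v) else m.group(0)
    def fix_header(m):
        prefix = m.group(0)[: m.start("pairs") - m.start()]
        return prefix + PAIR_RE.sub(fix_pair, m.group("pairs"))
    return HEADER_RE.sub(fix_header, text)

if __name__ == "__main__":
    for finding in audit_log(SAMPLE_LOG):
        print(finding)
```

Any finding means a replayable session value was written to disk; the durable fix is to stop logging the header, with scrubbing only as a stopgap for logs that already exist.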