Security Alert (A21-05-12): Vulnerability in Pulse Secure Products
26 May 2021
Pulse Secure has released a security advisory about a buffer overflow vulnerability in Pulse Connect Secure gateway. A remote authenticated attacker could exploit the vulnerability to browse SMB shares and execute arbitrary code as the root user.
Pulse Connect Secure version 9.0 and 9.1
A successful attack could lead to remote code execution on an affected system.
Patch for the affected products is not yet available but Pulse Secure has provided a workaround to mitigate the risk of exploitation. Details of the workaround could be found at the following URL: