Security News > 2021 > August > Critical Code Execution Vulnerability Patched in Pulse Connect Secure
IT management and security company Ivanti this week released patches for multiple vulnerabilities in its Pulse Connect Secure VPN appliances, including a critical issue that could be exploited to execute arbitrary code with root privileges.
Tracked as CVE-2021-22937, the issue is in fact a bypass of the patch released in October last year for CVE-2020-8260, a high-severity remote code execution flaw in the admin web interface of Pulse Connect Secure.
Pulse Connect Secure administrators can import archived configurations that are compressed using GZIP and encrypted with a hardcoded key.
The patch for CVE-2020-8260 added validation to extracted files, but not for the "Profiler" type, meaning that the patch could be easily bypassed for code execution by simply modifying the original exploit to use the "Profiler" archive type.
In May 2021, Ivanti patched CVE-2020-22900, a bug that could allow for code execution by modifying the original exploit to specific CGI files.
Pulse Connect Secure 9.1R12 also addresses CVE-2021-22935, a critical-severity vulnerability that could be exploited for command injection "Via an unsanitized web parameter."
News URL
Related news
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- IBM scores perfect 10 ... vulnerability in mission-critical OS AIX (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-16 | CVE-2021-22937 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface. | 7.2 |
| 2021-08-16 | CVE-2021-22935 | Command Injection vulnerability in multiple products A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform command injection via an unsanitized web parameter. | 7.2 |
| 2020-10-28 | CVE-2020-8260 | Unrestricted Upload of File with Dangerous Type vulnerability in Ivanti Connect Secure A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction. | 7.2 |