Security News > 2021 > August > Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)

Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)
2021-08-06 10:10

The patch for a vulnerability in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich Warren has found.

This new patch bypass vulnerability that could lead to remote code execution has been assigned a separate identification number and has been fixed by Ivanti Pulse Secure on Monday.

Such a simple change can be easily reproduced by attackers.

CVE-2021-22937 is an uncontrolled archive extraction vulnerability that allows an attacker to overwrite arbitrary files.

Ivanti Pulse Secure noted on Monday that, to their knowledge, none of the CVEs they fixed in the latest version of PCS are under active exploitation.

"In addition to addressing the CVEs, PCS version 9.1R12 includes enhanced features such as the incorporation of our Pulse Security Integrity Checker Tool directly into the product to create a seamless, more secure customer experience. This built-in feature eliminates the need for scheduled downtime to run an integrity check," the company added.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/ne7edIpv1Ps/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-08-16 CVE-2021-22937 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface.
network
low complexity
pulsesecure ivanti CWE-434
7.2