Security News > 2021 > August > Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)
The patch for a vulnerability in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich Warren has found.
This new patch bypass vulnerability that could lead to remote code execution has been assigned a separate identification number and has been fixed by Ivanti Pulse Secure on Monday.
Such a simple change can be easily reproduced by attackers.
CVE-2021-22937 is an uncontrolled archive extraction vulnerability that allows an attacker to overwrite arbitrary files.
Ivanti Pulse Secure noted on Monday that, to their knowledge, none of the CVEs they fixed in the latest version of PCS are under active exploitation.
"In addition to addressing the CVEs, PCS version 9.1R12 includes enhanced features such as the incorporation of our Pulse Security Integrity Checker Tool directly into the product to create a seamless, more secure customer experience. This built-in feature eliminates the need for scheduled downtime to run an integrity check," the company added.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/ne7edIpv1Ps/
Related news
- Check Point warns customers to patch VPN vulnerability under active exploitation (source)
- Exploit for critical Progress Telerik auth bypass released, patch now (source)
- Exploit for critical Veeam auth bypass available, patch now (source)
- Exploit for Veeam Recovery Orchestrator auth bypass available, patch now (source)
- Netgear warns users to patch auth bypass, XSS router flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-16 | CVE-2021-22937 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface. | 7.2 |