CVE-2021-22893

critical-risk
Published 2021-04-23

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.

Do I need to act?

!
93.6% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
10
CVSS 10.0/10 Critical
NETWORK / LOW complexity

Affected Products (20)

Affected Vendors

Ivanti

References (10)

Vendor Advisory https://blog.pulsesecure.net/pulse-connect-secure-security-update/
Third Party Advisory https://kb.cert.org/vuls/id/213092
Broken Link https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/
Third Party Advisory https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-levera...
Vendor Advisory https://blog.pulsesecure.net/pulse-connect-secure-security-update/
Third Party Advisory https://kb.cert.org/vuls/id/213092
Broken Link https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/
Third Party Advisory https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-levera...
US Government Resource https://www.kb.cert.org/vuls/id/213092
US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-...
83
/ 100
critical-risk
Severity 33/34 · Critical
Exploitability 27/34 · High
Exposure 23/34 · High