Ivanti has released a security update to address vulnerabilities affecting Pulse Connect Secure (PCS) software outlined in CVE-2021-22893. An attacker could exploit these vulnerabilities to gain system access and take control of an affected system. In response, CISA released [AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities](<https://us-cert.cisa.gov/ncas/alerts/aa21-110a >) on April 20 and added detection information on April 30.
CISA strongly encourages customers using Ivanti Pulse Connect Secure appliances to review the blog post and apply the necessary updates. For additional information, CISA recommends reviewing the following resources and tools below.
This product is provided subject to this Notification and this Privacy & Use policy.
Please share your thoughts.
We recently updated our anonymous product survey; we’d welcome your feedback.
blog.pulsesecure.net/pulse-connect-secure-patch-availability-sa44784/
kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44755
kb.pulsesecure.net/articles/Pulse_Secure_Article/SA44784/
kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/
us-cert.cisa.gov/ncas/alerts/aa21-110a
us-cert.cisa.gov/ncas/alerts/aa21-110a