Lucene search
K

9 matches found

ICS
ICS
added 2021/08/24 12:0 p.m.142 views

Exploitation of Pulse Connect Secure Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA is aware of compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to...

10CVSS9.8AI score0.99999EPSS
Exploits35References61
The Hacker News
The Hacker News
added 2021/08/09 9:0 a.m.508 views

Pulse Secure VPNs Get New Urgent Update for Poorly Patched Critical Flaw

Pulse Secure has shipped a fix for a critical post-authentication remote code execution RCE vulnerability in its Connect Secure virtual private network VPN appliances to address an incomplete patch for an actively exploited flaw it previously resolved in October 2020. "The Pulse Connect Secure...

7.2CVSS0.8AI score0.9648EPSS
Exploits5
Malwarebytes
Malwarebytes
added 2021/04/21 6:12 p.m.784 views

Take action! Multiple Pulse Secure VPN vulnerabilities exploited in the wild

Pulse Secure has alerted customers to the existence of an exploitable chain of attack against its Pulse Connect Secure PCS appliances. PCS provides Virtual Private Network VPN facilities to businesses, which use them to prevent unauthorized access to their networks and services. Cybersecurity...

7.5CVSS1.7AI score0.99999EPSS
Exploits35
Metasploit
Metasploit
added 2020/12/18 5:41 p.m.114 views

Pulse Secure VPN gzip RCE

The Pulse Connect Secure appliance before 9.1R9 suffers from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in Remote Code Execution as root. Admin credentials are required for successful exploitation. Of note, MANY binaries are not ...

7.2CVSS8.2AI score0.9648EPSS
Exploits4
0day.today
0day.today
added 2020/12/18 12:0 a.m.129 views

Pulse Secure VPN Remote Code Execution Exploit

The Pulse Connect Secure appliance versions prior to 9.1R9 suffer from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in remote code execution as root. Admin credentials are required for successful exploitation...

7.2CVSS7.6AI score0.9648EPSS
Exploits4
Circl
Circl
added 2020/12/17 10:50 p.m.16 views

CVE-2020-8260

creationtimestamp| type| source ---|---|--- 2020-12-17 22:50:44+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/pulsesecuregziprce.rb 2021-04-16 11:17:08+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/194 2021-04-21...

7.2CVSS7AI score0.9648EPSS
Exploits4References11
Tenable Nessus
Tenable Nessus
added 2020/10/30 12:0 a.m.104 views

Pulse Policy Secure < 9.1R9 (SA44601)

According to its self-reported version, the version of Pulse Policy Secure running on the remote host is prior to 9.1R9. It is, therefore, affected by the following vulnerabilities: - A vulnerability in the Pulse Connect Secure 9.1R9 admin web interface could allow an authenticated attacker to...

7.2CVSS7.8AI score0.9648EPSS
Exploits9References9
Vulnrichment
Vulnrichment
added 2020/10/28 12:47 p.m.10 views

CVE-2020-8260

A vulnerability in the Pulse Connect Secure 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction...

7.3AI score0.9648EPSS
Exploits4References2
CVE
CVE
added 2020/10/28 12:47 p.m.1154 views

CVE-2020-8260

Pulse Connect Secure (PCS) vulnerable

7.2CVSS8.2AI score0.9648EPSS
In wildExploits4References3Affected Software1
Rows per page
Query Builder