Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.14 views

CVE-2021-22893

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the...

10CVSS8.2AI score0.47172EPSS
Exploits9References1
Check Point Advisories
Check Point Advisories
added 2022/04/03 12:0 a.m.25 views

Pulse Connect Secure Authentication Bypass (CVE-2021-22893)

An authentication bypass vulnerability exists in Pulse Connect Secure. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...

7.5CVSS4.5AI score0.47172EPSS
Exploits9
GithubExploit
GithubExploit
added 2021/10/03 9:46 p.m.376 views

Exploit for Improper Authentication in Ivanti Connect_Secure

CVE-2021-22893 Proof-of-Concept PoC scrip...

10CVSS9.8AI score0.47172EPSS
Exploits9
GithubExploit
GithubExploit
added 2021/10/03 9:46 p.m.480 views

Exploit for Improper Authentication in Ivanti Connect_Secure

CVE-2021-22893 Proof-of-Concept PoC scrip...

10CVSS9.8AI score0.47172EPSS
Exploits9
GithubExploit
GithubExploit
added 2021/10/03 9:46 p.m.290 views

Exploit for Improper Authentication in Ivanti Connect_Secure

CVE-2021-22893 Proof-of-Concept PoC scrip...

10CVSS9.8AI score0.47172EPSS
Exploits9
ICS
ICS
added 2021/08/24 12:0 p.m.142 views

Exploitation of Pulse Connect Secure Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA is aware of compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to...

10CVSS9.8AI score0.99999EPSS
Exploits35References61
The Hacker News
The Hacker News
added 2021/05/28 7:29 a.m.286 views

Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices

Cybersecurity researchers from FireEye unmasked additional tactics, techniques, and procedures TTPs adopted by Chinese threat actors who were recently found abusing Pulse Secure VPN devices to drop malicious web shells and exfiltrate sensitive information from enterprise networks. FireEye's...

10CVSS0.4AI score0.47172EPSS
Exploits9
The Hacker News
The Hacker News
added 2021/05/04 7:52 a.m.129 views

Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack

Ivanti, the company behind Pulse Secure VPN appliances, has released a security patch to remediate a critical security vulnerability that was found being actively exploited in the wild by at least two different threat actors. Tracked as CVE-2021-22893 CVSS score 10, the flaw concerns "multiple us...

10CVSS1.6AI score0.47172EPSS
Exploits9
CISA
CISA
added 2021/05/03 12:0 a.m.783 views

Ivanti Releases Pulse Secure Security Update

Ivanti has released a security update to address vulnerabilities affecting Pulse Connect Secure PCS software outlined in CVE-2021-22893. An attacker could exploit these vulnerabilities to gain system access and take control of an affected system. In response, CISA released AA21-110A: Exploitation...

7.5CVSS1.6AI score0.47172EPSS
In wildExploits9References6
CVE
CVE
added 2021/04/23 4:29 p.m.1250 views

CVE-2021-22893

CVE-2021-22893 affects Pulse Connect Secure (PCS) 9.0R3/9.1R1 and later. The flaw is an authentication bypass exposed via the Windows File Share Browser and Pulse Secure Collaboration features, allowing an unauthenticated attacker to achieve remote code execution on the PCS gateway. Public source...

10CVSS9.9AI score0.47172EPSS
In wildExploits9References6Affected Software1
Vulnrichment
Vulnrichment
added 2021/04/23 4:29 p.m.5 views

CVE-2021-22893

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the...

8.2AI score0.47172EPSS
Exploits9References4
Talos Blog
Talos Blog
added 2021/04/22 10:29 a.m.223 views

Threat Advisory: Pulse Secure Connect Coverage

Pulse Secure announced that a critical vulnerability CVE-2021-22893 was discovered in their VPN service "Pulse Secure Connect" in a recent security advisory. The advisory states that, "a vulnerability was discovered under Pulse Connect Secure PCS. This includes an authentication by-pass... This i...

7.5CVSS2.6AI score0.47172EPSS
Exploits9
Rapid7 Blog
Rapid7 Blog
added 2021/04/21 8:10 p.m.887 views

Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)

On Tuesday, April 20, 2021, security firm FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN. According to FireEye’s analysis, threat actors have been leveraging multiple techniques to bypass single- and multi-factor authentication on Puls...

7.5CVSS0.7AI score0.99999EPSS
Exploits43
ThreatPost
ThreatPost
added 2021/04/21 3:35 p.m.4137 views

Pulse Secure Critical Zero-Day Security Bug Under Active Exploit

A critical zero-day security vulnerability in Pulse Secure VPN devices has been exploited by nation-state actors to launch cyberattacks against U.S. defense, finance and government targets, as well as victims in Europe, researchers said. Download “The Evolution of Ransomware” to gain valuable...

7.5CVSS0.4AI score0.99999EPSS
Exploits35References12
GithubExploit
GithubExploit
added 2021/04/21 9:48 a.m.231 views

Exploit for Improper Authentication in Ivanti Connect_Secure

CVE-2021-22893 THIS IS NOT A REAL EXPLOIT IT IS A HONEYPOC ht...

10CVSS9.9AI score0.92178EPSS
Exploits28
The Hacker News
The Hacker News
added 2021/04/21 4:20 a.m.2859 views

WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations

If Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability CVE-2021-22893 that is currently being exploited in the wild and for which there is no patch available yet. At least two threat...

10CVSS0.6AI score0.99999EPSS
Exploits35
Circl
Circl
added 2021/04/20 3:25 p.m.5 views

CVE-2021-22893

creationtimestamp| type| source ---|---|--- 2021-04-20 15:25:01+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus12/2021 2021-04-20 16:04:08+00:00| seen| MISP/db607906-454d-4d4e-9f13-e52366b26b31 2021-04-21 04:00:00+00:00| seen|...

10CVSS7.5AI score0.47172EPSS
Exploits9References35
FireEye
FireEye
added 2021/04/20 12:0 a.m.718 views

Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day

Executive Summary Mandiant recently responded to multiple security incidents involving compromises of Pulse Secure VPN appliances. This blog post examines multiple, related techniques for bypassing single and multifactor authentication on Pulse Secure VPN devices, persisting across upgrades, and...

7.5CVSS0.2AI score0.83425EPSS
Exploits9References4
CERT
CERT
added 2021/04/20 12:0 a.m.296 views

Pulse Connect Secure contains a use-after-free vulnerability

Overview Pulse Connect Secure PCS gateway contains a use-after-free vulnerability that can allow an unauthenticated remote attacker to execute arbitrary code. Description CVE-2021-22893 A use-after-free vulnerability that can be reached via a license server handling endpoint may allow a remote,...

10CVSS9.8AI score0.47172EPSS
Exploits9References4
Rows per page
Query Builder