Virsec Security Research Lab Vulnerability Report
The Virsec Security Research Lab, helmed by Virsec CTO, Satya Gupta, provides timely, relevant analysis about prevalent security vulnerabilities.
1.1 Vulnerability Summary
A vulnerability in Pulse Connect Secure, Pulse Policy Secure and Pulse Secure Desktop Client (< 9.1R9) allows Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects the Windows PDC. Affected by this vulnerability is an unknown function of the Dynamic Certificate Trust component. Manipulation with an unknown input leads to a directory traversal vulnerability. Exploitation appears to be easy, the attack can be launched remotely, and it does not require any form of authentication.
1.2 CVSS Score
The CVSS Base Score is 8.8 (High)
1.3 Affected Version
Pulse Secure Desktop Client < 9.1R9.
The earliest vulnerable version was released in 05/2020. The exposure window is therefore 6 months.
1.4 Vulnerability Attribution
Anonymous.
1.5 Risk Impact
Pulse Secure Desktop Client (PDC) is one universal client for Pulse Connect Secure, Pulse Policy Secure and Pulse Workspace. It provides a very user-friendly experience on mobile and desktop for connecting to VPN, BYOD and similar services. PDC is a popular client used by many enterprises to connect to their corporate networks and perform critical and confidential tasks, so any exploit of this vulnerability would compromise the whole of the corporate data.
1.6 Virsec Security Platform (VSP) Support:
- The Virsec Security Platform (VSP)-Web’s path traversal feature will detect this exploit and prevent the attack.
- VSP-Host monitors spawned processes that are not part of the set of whitelisted processes. Any attempt to execute a new command or an unknown binary would be denied by VSP-Host’s Process Monitoring capability.
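The directory traversal described in the summary, and the path traversal detection named above, both come down to one defensive check: a file name supplied by a remote peer must never be joined to a local directory without confirming that the resulting path still lies inside that directory. The code below is an added illustration written for this report; it is not Pulse Secure or Virsec code. The trust-store directory name, the function names and the sample server-supplied names are all constructed for the demonstration.

```python
"""Illustrative path-traversal check (added example, not Virsec or Pulse Secure code).

Models the check a VPN client should apply before writing a file whose name comes
from a remote server, e.g. a certificate pushed during connection setup. The base
directory, function names and server-supplied inputs are constructed for the demo.
"""
import os
import urllib.parse
from typing import List, Optional, Tuple

# Hypothetical trust-store directory; anything written from server input must stay inside it.
TRUST_DIR = os.path.join(os.path.abspath("client_state"), "trusted_certs")


def normalize_remote_name(name: str) -> str:
    """Decode URL-encoding repeatedly until the value is stable (so %252e-style double
    encoding is unwrapped) and fold Windows backslashes into forward slashes so that one
    check covers both separators."""
    prev = None
    while prev != name:
        prev = name
        name = urllib.parse.unquote(name)
    return name.replace("\\", "/")


def resolve_inside_trust_dir(server_supplied_name: str) -> Optional[str]:
    """Return the absolute path the file would be written to, or None if the
    server-supplied name escapes TRUST_DIR.

    The decision is made on the resolved absolute path rather than by searching for
    '..' substrings, so a sibling directory whose name merely starts with the trust
    directory's name is also rejected."""
    cleaned = normalize_remote_name(server_supplied_name)
    # Absolute paths and drive letters are never acceptable from a peer.
    if not cleaned or cleaned.startswith("/") or ":" in cleaned:
        return None
    candidate = os.path.abspath(os.path.join(TRUST_DIR, cleaned))
    # commonpath raises ValueError on Windows when drives differ; treat that as an escape.
    try:
        if os.path.commonpath([TRUST_DIR, candidate]) != TRUST_DIR:
            return None
    except ValueError:
        return None
    return candidate


def audit_names(names: List[str]) -> Tuple[List[str], List[str]]:
    """Classify a batch of server-supplied names into (allowed, blocked).
    The blocked list is what a detection feature would log or alert on."""
    allowed: List[str] = []
    blocked: List[str] = []
    for n in names:
        (allowed if resolve_inside_trust_dir(n) else blocked).append(n)
    return allowed, blocked


# Constructed sample inputs: benign certificate names beside traversal attempts.
SAMPLE_NAMES = [
    "corp-root-ca.pem",
    "sub/issuing-ca.pem",
    "../../outside.txt",
    "..\\..\\outside.txt",
    "%2e%2e%2f%2e%2e%2foutside.txt",
    "%252e%252e%252f%252e%252e%252foutside.txt",
    "/etc/outside.txt",
]

if __name__ == "__main__":
    ok, bad = audit_names(SAMPLE_NAMES)
    print("allowed:", ok)
    print("blocked:", bad)
```

Checking the resolved path with os.path.commonpath rather than scanning for ".." is deliberate: it catches encoded separators, mixed separators and prefix look-alike directories in one place, and a rejected name is a concrete, loggable event that a host-side monitor can surface.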
1.7 Reference Links:
Download the full vulnerability report to learn more about this and other important vulnerabilities.
The post CVE-2020-8254: Pulse Secure Desktop Client < 9.1R9 Has Remote Code Execution (RCE) appeared first on Virsec Systems.
*** This is a Security Bloggers Network syndicated blog from Blog – Virsec Systems authored by Satya Gupta. Read the original post at: https://virsec.com/cve-2020-8254-pulse-secure-desktop-client-9-1r9-has-remote-code-execution/