⚠ Actively exploited in ransomware campaigns

This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2022-05-03.

CVE-2019-11510 — Path Traversal in Ivanti Connect Secure

CWE-22 — Path Traversal CWE-404 — Improper Resource Shutdown or Release CWE-74 — Injection130 documents26 sources

Severity

10.0CRITICALNVD

VulnCheck9.8VulnCheck7.8

EPSS

94.5%

top < 0.01%

CISA KEV

KEVRansomware

Added 2021-11-03

Due 2022-05-03

Exploit

Exploited in wild

Active exploitation observed

Affected products

Ivanti Connect Secure

Timeline

PublishedMay 8

KEV addedNov 3

KEV dueMay 3

Latest updateJun 27

CISA Required Action: Apply updates per vendor instructions.

Description

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages1 packages

▶NVDivanti/connect_secure8.2, 8.3, 9.0+2

Patches

Patch: kb.pulsesecure.net ↗Patch: kb.pulsesecure.net ↗

🔴Vulnerability Details

GHSA

GHSA-6wr2-qx99-98mg: In Pulse Secure Pulse Connect Secure (PCS) before 8↗2022-05-24

▶

CVEList

CVE-2019-11510: In Pulse Secure Pulse Connect Secure (PCS) 8↗2019-05-08

▶

VulnCheck

Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability↗2019

▶

VulnCheck

Oracle WebLogic Server, Injection↗2019

▶

VulnCheck

Microsoft Win32k Privilege Escalation Vulnerability↗2018

▶

💥Exploits & PoCs

Exploit-DB

Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure (Metasploit)↗2019-08-21

▶

Nuclei

Pulse Connect Secure SSL VPN Arbitrary File Read

▶

Metasploit

Pulse Secure VPN Arbitrary File Disclosure↗

▶

🔍Detection Rules

Suricata

ET EXPLOIT Pulse Secure SSL VPN - Arbitrary File Read (CVE-2019-11510)↗2019-08-22

▶

📋Vendor Advisories

CISA

Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability↗2021-11-03

▶

Ivanti

Pulse Connect Secure Arbitrary File Read↗2021-11-03

▶

🕵️Threat Intelligence

107

Tenable

Frequently Asked Questions About Iranian Cyber Operations↗2025-06-27

▶

Qualys

Inside LockBit: Defense Lessons from the Leaked LockBit Negotiations↗2025-05-08

▶

Bleepingcomputer

US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks↗2025-05-02

▶

Tenable

CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild↗2025-01-14

▶

Tenable

CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild↗2025-01-08

▶

📄Research Papers

arXiv

VulRG: Multi-Level Explainable Vulnerability Patch Ranking for Complex Systems Using Graphs↗2025-02-16

▶

arXiv

Microservice Vulnerability Analysis: A Literature Review with Empirical Insights↗2024-07-31

▶

arXiv

Dynamic Vulnerability Criticality Calculator for Industrial Control Systems↗2024-03-20

▶

💬Community

HackerOne

Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://██████ (███)↗2024-06-18

▶

HackerOne

Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://████↗2021-07-29

▶

HackerOne

Command Injection (via CVE-2019-11510 and CVE-2019-11539)↗2020-05-07

▶

HackerOne

Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://███↗2019-12-02

▶

HackerOne

[CVE-2019-11510 ] Path Traversal on ████████ leads to leaked passwords, RCE, etc↗2019-12-02

▶