⚠ Actively exploited
Added to CISA KEV on 2022-03-07. Federal agencies required to patch by 2022-09-07. Required action: Apply updates per vendor instructions..

CVE-2020-8218Code Injection in Ivanti Connect Secure

CWE-94Code Injection7 documents7 sources
Severity
7.2HIGHNVD
EPSS
91.1%
top 0.36%
CISA KEV
KEV
Added 2022-03-07
Due 2022-09-07
Exploit
Exploited in wild
Active exploitation observed
Affected products
4
Ivanti Connect SecurePulsesecure Pulse Policy SecurePulsesecure Pulse Connect Secure+1 more
Timeline
PublishedJul 30
KEV addedMar 7
Latest updateMay 24
KEV dueSep 7
CISA Required Action: Apply updates per vendor instructions.

Description

A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages4 packages

CVEListV5pulsesecure/pulse_connect_secureFixed in 9.1R8

🔴Vulnerability Details

3
GHSA
GHSA-29h7-cpmq-mh8j: A code injection vulnerability exists in Pulse Connect Secure <92022-05-24
CVEList
CVE-2020-8218: A code injection vulnerability exists in Pulse Connect Secure <92020-07-30
VulnCheck
Pulse Connect Secure Code Injection Vulnerability2020

🔍Detection Rules

1
Suricata
ET EXPLOIT Possible Pulse Secure VPN RCE Inbound (CVE-2020-8218)2020-08-27

📋Vendor Advisories

2
CISA
Pulse Connect Secure Code Injection Vulnerability2022-03-07
Ivanti
Pulse Connect Secure Code Injection Vulnerability2022-03-07
CVE-2020-8218 — Code Injection in Ivanti Connect Secure | cvebase