Pulse Secure Pulse Connect Secure (PCS) Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) Vulnerability

Summary

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced.

 

 

Credit:

The information has been provided by Vendor

The original article can be found at:https://git.lsd.cat/g/pulse-host-checker-rce

 


Details

Allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via shell metacharacters to the doCustomRemediateInstructions method, because Runtime.getRuntime().exec() is used.

 

Vulnerable Systems:

Pulse Secure Pulse Connect Secure (PCS)

 

CVE Information:

CVE-2020-11581

Disclosure Timeline:
Published Date:4/6/2020

Categories: News