← Back to CVEs
CVE-2020-8239
CRITICAL9.8
Description
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published10/28/2020
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
pulsesecure:pulse_secure_desktop_client
References
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601(support@hackerone.com)
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.