Meh Chang

**Name of the Vulnerable Software and Affected Versions** Exim versions prior to 4.94.2 **Description** The issue is related to improper initialization that can lead to recursion-based stack consumption or other consequences. This occurs because the use of certain `getc` functions is mishandled when a client uses `BDAT` instead of `DATA`. The vulnerability can be exploited by a remote attacker to execute a denial of service (DoS) by sending specially crafted data to the application. **Recommendations** For Exim versions prior to 4.94.2, update to version 4.94.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of `BDAT` commands to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PAN-OS versions 7.1.18 and earlier PAN-OS versions 8.0.11-h1 and earlier PAN-OS versions 8.1.2 and earlier **Description** The issue exists due to insufficient input validation in the GlobalProtect portal and GlobalProtect Gateway interface of the PAN-OS operating system. Exploitation of this issue may allow an unauthenticated remote attacker to execute arbitrary code by sending a specially crafted request. Mass scanning activity has been detected, checking for vulnerable Palo Alto SSL VPN servers. Successful exploitation allows an unauthenticated attacker to execute arbitrary code. **Recommendations** For PAN-OS versions 7.1.18 and earlier, update to a version later than 7.1.18. For PAN-OS versions 8.0.11-h1 and earlier, update to a version later than 8.0.11-h1. For PAN-OS versions 8.1.2 and earlier, update to a version later than 8.1.2. As a temporary workaround, consider disabling the GlobalProtect Portal or GlobalProtect Gateway Interface until a patch is available. Restrict access to the GlobalProtect portal and GlobalProtect Gateway interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Pulse Secure Pulse Connect Secure (PCS) versions 8.1R15.0 and earlier Pulse Secure Pulse Connect Secure (PCS) versions 8.2R12.0 and earlier Pulse Secure Pulse Connect Secure (PCS) versions 8.3R7.0 and earlier Pulse Secure Pulse Connect Secure (PCS) versions 9.0R3.3 and earlier **Description** The issue allows an authenticated attacker, via the admin web interface, to exploit Directory Traversal and execute arbitrary code on the appliance. **Recommendations** For versions 8.1R15.0 and earlier, update to version 8.1R15.1 or later. For versions 8.2R12.0 and earlier, update to version 8.2R12.1 or later. For versions 8.3R7.0 and earlier, update to version 8.3R7.1 or later. For versions 9.0R3.3 and earlier, update to version 9.0R3.4 or later.

**Name of the Vulnerable Software and Affected Versions** Pulse Secure Pulse Connect Secure (PCS) versions 8.2 through 8.2R12.1 Pulse Secure Pulse Connect Secure (PCS) versions 8.3 through 8.3R7.1 Pulse Secure Pulse Connect Secure (PCS) versions 9.0 through 9.0R3.4 **Description** The issue is related to errors in permission handling, allowing an unauthenticated remote attacker to send a specially crafted URI and perform an arbitrary file reading. This can lead to the disclosure of active users and their plain-text credentials. Over 2,500 Pulse Secure VPN endpoints are potentially affected. **Recommendations** For Pulse Secure Pulse Connect Secure (PCS) versions 8.2 through 8.2R12.1, update to version 8.2R12.1 or later. For Pulse Secure Pulse Connect Secure (PCS) versions 8.3 through 8.3R7.1, update to version 8.3R7.1 or later. For Pulse Secure Pulse Connect Secure (PCS) versions 9.0 through 9.0R3.4, update to version 9.0R3.4 or later. As a temporary workaround, consider restricting access to the vulnerable URI endpoint until a patch is available.