PT-2020-20050 · Pulse Secure+1 · Standalone Host Checker Client+2

Published

2020-10-27

Updated

2021-08-17

CVE-2020-8239

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Pulse Secure Desktop Client versions prior to 9.1R9

Description The issue concerns a client registry privilege escalation attack. It requires a server-side upgrade due to the Standalone Host Checker Client (Windows) and Windows PDC.

Recommendations For Pulse Secure Desktop Client versions prior to 9.1R9, upgrade to version 9.1R9 or later to resolve the issue. Additionally, perform a server-side upgrade to address the vulnerability in the Standalone Host Checker Client (Windows) and Windows PDC.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-8239

Affected Products

Pulse Secure Desktop Client

Standalone Host Checker Client

Windows

PT-2020-20050 · Pulse Secure+1 · Standalone Host Checker Client+2

CVE-2020-8239

Related Identifiers

Affected Products

References · 5