PT-2020-5945 · Pulse Secure · Pulse Secure Client

Published: 2020-06-16 · Updated: 2025-05-05 · CVE-2020-13162
CVSS v3.1: 7.0 High
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Pulse Secure Client versions prior to 9.1.6
Description: A time-of-check time-of-use (TOCTOU) vulnerability in PulseSecureService.exe allows unprivileged users to run a Microsoft Installer executable with elevated privileges. The issue is a race condition that an attacker can exploit to elevate their privileges.
Recommendations: Update Pulse Secure Client to version 9.1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to PulseSecureService.exe to minimize the risk of exploitation.

Exploit

Fix

Time Of Check To Time Of Use

Weakness Enumeration

Related Identifiers: BDU:2021-02075, CVE-2020-13162

Affected Products: Pulse Secure Client