Unrated severityCISA KEVNVD Advisory· Published Apr 23, 2021· Updated Oct 21, 2025
CVE-2021-22893
CVE-2021-22893
Description
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.
Affected products
1- Pulse Connect Secure/Pulse Connect Securedescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- blog.pulsesecure.net/pulse-connect-secure-security-update/mitrex_refsource_MISC
- kb.cert.org/vuls/id/213092mitrex_refsource_MISC
- kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/mitrex_refsource_MISC
- www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.