Skip to content
/ CVE-2020-8254 Public

CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mbadanoiu/CVE-2020-8254

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
Pulse Secure VPN Windows Client - CVE-2020-8254.pdf
Pulse Secure VPN Windows Client - CVE-2020-8254.pdf
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client

A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server.

Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found here.

Requirements:

This vulnerability requires:

  • User interaction (victim needs to click “Yes” or “Always” when asked to download the “Host Checker” software)

Proof Of Concept:

More details and the exploitation process can be found in this PDF.

About

CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client

Topics

cve user-interaction remote-code-execution zip-slip cves 0-day cve-2020-8254

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository