Pulse Connect Secure Buffer Overflow Vulnerability
CVE-2021-22908 - CVSS:8.5
A remote authenticated attacker with privileges to browse SMB shares can use this vulnerability to execute arbitrary code with root user privileges.
CERT.be recommends all system administrators to upgrade their vulnerable Pulse Secure instances to version 9.1R11.5 minimum once available.
There is currently a workaround available, you can find the procedure on the vendor's website: Pulse Security Advisory: SA44800 - 2021-05: Out-of-Cycle Advisory: Pulse Connect Secure Buffer Overflow Vulnerability (pulsesecure.net)