Pulse Secure VPN file read enabling credential theft — exploited by APT groups including CISA-named Iranian and Chinese actors. Patch immediately. Forensic review required: check /etc/passwd and cached credentials regardless of patch status.
An unauthenticated remote attacker with network access to Pulse Secure Pulse Connect Secure VPN can perform arbitrary file reading. Attackers can read sensitive files including password databases.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →