CVE-2021-22893: Ivanti Pulse Connect Secure Use-After-Free Vulnerability.

Ivanti Pulse Connect Secure Use-After-Free Vulnerability. Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.

• CISA KEV-listed (remediation due 2022-05-03)
• used in ransomware campaigns
• EPSS 93.6% (99.8% percentile)

Detection rules

• Pulse Connect Secure RCE Attack CVE-2021-22893 high

Browse the CVE database

Read the full analysis on IntelFusions