Platform
windows
Component
pulse-secure-client
Fixed in
9.1.1
CVE-2023-34298 is a directory traversal vulnerability discovered in Pulse Secure Client. This flaw allows a local attacker to escalate privileges by exploiting insufficient path validation within the SetupService component. The vulnerability impacts versions 9.1r15 through 9.1r15, and a patch is available to resolve the issue.
Successful exploitation of CVE-2023-34298 allows a local attacker to gain elevated privileges on a system running the vulnerable Pulse Secure Client. The attacker must initially have the ability to execute low-privileged code. By manipulating user-supplied paths, they can then potentially execute arbitrary code and compromise the system. This could lead to unauthorized access to sensitive data, modification of system configurations, or complete system takeover. The impact is particularly concerning in environments where Pulse Secure Client is used for remote access, as a compromised client could serve as a stepping stone for further attacks within the network.
CVE-2023-34298 was publicly disclosed on May 3, 2024. The vulnerability is considered to have a medium exploitation probability based on the requirement for local code execution. Public proof-of-concept exploits are not currently available, but the relatively straightforward nature of directory traversal vulnerabilities suggests that they may emerge. Monitor security advisories and threat intelligence feeds for updates.
Exploit Status
EPSS
0.12% (30% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2023-34298 is to upgrade to a patched version of Pulse Secure Client as soon as possible. Until the upgrade can be performed, consider restricting access to the SetupService component to prevent unauthorized manipulation of file paths. Implement strict access controls and monitor system logs for suspicious activity related to file operations. While not a complete solution, these measures can reduce the attack surface and make exploitation more difficult. After upgrade, confirm functionality by verifying successful client connection and feature operation.
Actualice Pulse Secure Client a una versión posterior a 9.1r15. Esto solucionará la vulnerabilidad de escalada de privilegios local debido al recorrido de directorios en SetupService.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2023-34298 is a directory traversal vulnerability in Pulse Secure Client allowing local privilege escalation. It affects versions 9.1r15–9.1r15, enabling attackers to manipulate file paths and potentially execute arbitrary code.
If you are using Pulse Secure Client versions 9.1r15 through 9.1r15, you are potentially affected. Check your installed version and upgrade as soon as possible.
Upgrade to a patched version of Pulse Secure Client. Until the upgrade, restrict access to the SetupService component and monitor system logs.
While no active exploitation has been confirmed, the vulnerability's nature suggests potential for exploitation. Monitor security advisories and threat intelligence feeds.
Refer to the official Pulse Secure security advisory for detailed information and mitigation steps: [https://knowledgebase.pulesecure.net/kb/details/1533](https://knowledgebase.pulesecure.net/kb/details/1533)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.