Pulse Secure has released a security advisory about a buffer overflow vulnerability in Pulse Connect Secure gateway. A remote authenticated attacker could exploit the vulnerability to browse SMB shares and execute arbitrary code as the root user.
A successful attack could lead to remote code execution on an affected system.
Patch for the affected products is not yet available but Pulse Secure has provided a workaround to mitigate the risk of exploitation. Details of the workaround could be found at the following URL:
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44800
System administrators should contact their product support vendors for assistance and apply the security patch once available.