Vulnerability Description
Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secure Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within SetupService. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service. Was ZDI-CAN-17687.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ivanti | Pulse Secure Desktop Client | < 9.1 |
| Ivanti | Pulse Secure Installer Service | 9.1 |
| Ivanti | Secure Access Client | 22.2 |
Related Weaknesses (CWE)
References
- https://www.zerodayinitiative.com/advisories/ZDI-23-858/Third Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-23-858/Third Party Advisory
- https://forums.ivanti.com/s/article/CVE-2023-34298-Ivanti-Secure-Access-Client-lVendor Advisory
FAQ
What is CVE-2023-34298?
CVE-2023-34298 is a vulnerability with a CVSS score of 7.8 (HIGH). Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secur...
How severe is CVE-2023-34298?
CVE-2023-34298 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-34298?
Check the references section above for vendor advisories and patch information. Affected products include: Ivanti Pulse Secure Desktop Client, Ivanti Pulse Secure Installer Service, Ivanti Secure Access Client.