CVE-2020-13162 – Pulse Secure Windows Client Privilege Escalation
https://notcve.org/view.php?id=CVE-2020-13162
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.

The Windows client for Pulse Secure versions prior to 9.1.6 has a TOCTOU bug that allows an attacker to escalate privileges to NT AUTHORITY\SYSTEM.

• https://github.com/redtimmy/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-
• http://packetstormsecurity.com/files/158117/Pulse-Secure-Client-For-Windows-Local-Privilege-Escalation.html
• http://packetstormsecurity.com/files/159065/Pulse-Secure-Windows-Client-Privilege-Escalation.html
• http://seclists.org/fulldisclosure/2020/Jun/25
• http://seclists.org/fulldisclosure/2020/Sep/15
• https://kb.pulsesecure.net/?atype=sa
• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44503
• https://twitter.com/gsepcali/status

• CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition