Ivanti has released a security update to address vulnerabilities (CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, CVE-2021-22900) affecting Pulse Connect Secure (PCS) software. An attacker could exploit these vulnerabilities to gain system access and take control of an affected system. According to Pulse Connect Secure security advisory, the solution for these vulnerabilities is to upgrade the Pulse Connect Secure server software version to the 9.1R.11.4.

Users are strongly encouraged to review security advisory and apply the necessary updates – pulsesecure.net.