Arbitrary file upload in Ivanti Connect Secure (formerly Pulse Connect Secure) and Ivanti Policy Secure (formerly Pulse Policy Secure) - CVE-2020-8260

 


Published: April 21, 2021 / Updated: February 20, 2022


Vulnerability identifier: #VU52472
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green
CVE-ID: CVE-2020-8260
CWE-ID: CWE-434
Exploitation vector: Remote access
Exploit availability: The vulnerability is being exploited in the wild
Vendor: Ivanti
Affected software:
Ivanti Connect Secure (formerly Pulse Connect Secure)
Ivanti Policy Secure (formerly Pulse Policy Secure)

Detailed vulnerability description

The vulnerability allows a remote user holding administrative privileges (PR:H in the vector above) to compromise the vulnerable system.

The vulnerability exists due to insufficient validation of files uploaded through the administrative web interface. An uploaded gzip archive is extracted without checking the paths it contains, so a remote user with administrative credentials can upload a crafted archive and have its contents written into an arbitrary directory on the appliance.

Successful exploitation lets the attacker plant files outside the intended upload directory, which can be leveraged for arbitrary code execution and full compromise of the affected system.
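Worked example of the extraction flaw class the advisory describes (uncontrolled archive extraction feeding CWE-434). This is code added by the editor, not code from the advisory, from Ivanti, or from the affected products. It assumes the uploaded "gzip file" is a gzip-compressed tar archive and that the server extracts it member by member; the function names, the scratch directory layout and the sample archives are all constructed for the demonstration. It builds an archive whose member name carries `../` segments, shows an unchecked extractor writing outside its upload directory, and then shows a hardened extractor that resolves every target path and refuses anything that leaves the destination root.

```python
# Added example, not code from the advisory or from Ivanti: demonstrates the
# uncontrolled-archive-extraction pattern (CWE-434 upload + path traversal).
# Assumptions (hypothetical, not from the advisory): the upload is a
# gzip-compressed tar archive and the server extracts it member by member.
import io
import os
import tarfile
import tempfile


def build_tgz(member_name, payload=b"pwned\n"):
    """Constructed sample archive: one regular-file member with the given name."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo(name=member_name)
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def extract_unchecked(tgz, dest):
    """Vulnerable pattern: joins the attacker-supplied member name onto dest
    without validation, so '../' segments walk out of the upload directory."""
    written = []
    with tarfile.open(fileobj=io.BytesIO(tgz), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            target = os.path.join(dest, member.name)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as out:
                out.write(tar.extractfile(member).read())
            written.append(os.path.realpath(target))
    return written


def extract_checked(tgz, dest):
    """Hardened pattern: only regular files, and each resolved target must stay
    under the resolved destination root. realpath also defuses symlinks that
    already exist under dest; absolute member names fail the commonpath test
    because os.path.join discards root when the member name is absolute."""
    root = os.path.realpath(dest)
    written = []
    with tarfile.open(fileobj=io.BytesIO(tgz), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                raise ValueError("refusing non-regular member: %s" % member.name)
            target = os.path.realpath(os.path.join(root, member.name))
            if os.path.commonpath([root, target]) != root:
                raise ValueError("path traversal rejected: %s" % member.name)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as out:
                out.write(tar.extractfile(member).read())
            written.append(target)
    return written


def demo():
    """Run both extractors against constructed archives inside a scratch tree.
    Returns whether the unchecked extractor wrote outside its upload dir,
    whether the checked one refused the traversal member, and whether it still
    accepted a benign member."""
    evil = build_tgz("../../escaped.txt")
    benign = build_tgz("notes/readme.txt", b"hello\n")
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "app", "uploads")
        os.makedirs(dest)
        root = os.path.realpath(dest)
        paths = extract_unchecked(evil, dest)
        escaped = os.path.commonpath([root, paths[0]]) != root
        try:
            extract_checked(evil, dest)
            refused = False
        except ValueError:
            refused = True
        accepted = extract_checked(benign, dest)
        benign_ok = (len(accepted) == 1
                     and os.path.commonpath([root, accepted[0]]) == root)
    return {"escaped": escaped, "refused": refused, "benign_ok": benign_ok}


if __name__ == "__main__":
    print(demo())
```

The check is deliberately done on the resolved path rather than by string-matching `..`: encoded variants, absolute names and symlinks already present under the destination all collapse to the same question, "does the final path still live under the root?". Rejecting non-regular members closes the symlink-then-write trick where one member creates a link out of the tree and a later member writes through it.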


How to mitigate CVE-2020-8260

Install the fixed release from the vendor's website. Because exploitation requires administrative credentials, also restrict network access to the administrative web interface and review administrator accounts for unexpected changes while patching is pending.

Sources