CVE-2019-11510: Pulse Secure VPN Arbitrary File Read

Score: 10
CRITICAL
Published: 2019-05-08Affected: Pulse Connect Secure < 9.0R3.4CWE-22 β†—

Is Pulse Secure VPN vulnerable?

A path traversal vulnerability in Pulse Secure VPN that allows unauthenticated remote attackers to read arbitrary files from the VPN server, including cached plaintext credentials and session data.

Impact & Exploitation

Exploited by Chinese and Iranian APTs. Led to the compromise of defense contractors, government agencies, and financial institutions. VPN credential theft enabled persistent network access.

Related Resources

πŸ” Related CWE Entries

πŸ“– Security Guides

πŸ›‘οΈ Notable Vulnerabilities

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS10
SeverityCRITICAL
CWECWE-22
Published2019-05-08

Tags

vpnpath-traversalfirmwarenation-state

Quick Links

Is your system affected?

Precogs AI detects Pulse Secure VPN Arbitrary File Read in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2019-11510 Pulse Secure VPN Arbitrary File Read don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo