CVE-2020-8956
LOWPulse Secure Desktop Client <9.0R5, <9.1R4 - Info Disclosure
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-8956.
Includes Metasploit module post/windows/gather/credentials/pulse_secure.
AI-analyzed exploit summary This Metasploit module extracts and decrypts saved Pulse Secure Connect Client passwords from the Windows Registry, leveraging DPAPI decryption via CryptUnprotectData. It requires a Meterpreter session and can only access credentials for the current user unless run as SYSTEM.
Description
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled.
Exploits (1)
This Metasploit module extracts and decrypts saved Pulse Secure Connect Client passwords from the Windows Registry, leveraging DPAPI decryption via CryptUnprotectData. It requires a Meterpreter session and can only access credentials for the current user unless run as SYSTEM.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N