Stop us if you've heard this one before: a remote-code execution vulnerability needs patching in Pulse Secure VPNs.
Professional code-probers at GoSecure uncovered a host of security flaws, including CVE-2020-8218, which it publicly disclosed this week after a patch was issued. The other holes are yet to be addressed, and so details on those remain under wraps for now.
What we do know is that CVE-2020-8218 can be exploited to execute code on the VPN system by tricking an administrator into, say, opening a URL.