Pulse Secure Releases Patches for Recent Zero-Day...

Pulse Secure Releases Patches for Recent Zero-Day Vulnerability (CVE-2021-22893)

On May 3, Pulse Secure updated its out-of-cycle advisory (SA44784) regarding a recently disclosed critical vulnerability in its Pulse Connect Secure (PCS) appliance.

The Pulse Secure advisory was originally published on April 20. In it, they announced that CVE-2021-22893, an authentication bypass vulnerability, had been exploited in the wild as a zero-day. At that time, no patch was available for the flaw, though Pulse Secure did say they planned to release a fix in early May.

As part of the patch to address CVE-2021-22893, Pulse Secure also fixed three additional vulnerabilities in Pulse Connect Secure:

CVE-2021-22894
CVE-2021-22899
CVE-2021-22900

For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Pulse Secure Releases Patches for Recent Zero-Day...

Recent Discussions

Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513)

Frequently Asked Questions About Notepad++ Supply Chain Compromise

Ivanti Endpoint Manager Mobile Zero-Days Exploited (CVE-2026-1281, CVE-2026-1340)

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Americas

Europe

Asia / Australia