Pulse Secure released an advisory for Pulse Connect Secure with a workaround for a high priority vulnerability that allows a remote authenticated user with privileges to browse SMB shares and execute arbitrary code as the root user.
System administrators are urged to apply the workaround immediately and update to 9.1R11.5 when it is released in the future.
Read the full details here:
Pulse Secure VPNs Get Quick Fix for Critical RCE
Out-of-Cycle Advisory: Pulse Connect Secure Buffer Overflow Vulnerability