The Windows client for Pulse Secure versions prior to 9.1.6 have a TOCTOU bug that allows an attacker to escalate the privilege to NT_AUTHORITY\SYSTEM.
dca63b6d0e232c655c5aa1e46657175b0a75544592e4c07a004fd3566b85e29b
Red Timmy Sec has discovered that Pulse Secure Client for Windows suffers from a local privilege escalation vulnerability in the PulseSecureService.exe service.
5f5a0396cb9bd8b8918531a470f34efbfce05c416ca68a1d578867b7468c1362