A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ivanti connect secure 22.1 |
||
ivanti connect secure 22.2 |
||
ivanti connect secure 9.1 |
||
ivanti policy secure 22.2 |
||
ivanti policy secure 22.1 |
||
ivanti policy secure 9.1 |
||
ivanti connect secure 22.5 |
||
ivanti connect secure 22.4 |
||
ivanti connect secure 22.3 |
||
ivanti connect secure 22.6 |
||
ivanti policy secure 22.3 |
||
ivanti policy secure 22.6 |
||
ivanti policy secure 22.5 |
||
ivanti policy secure 22.4 |
||
ivanti connect secure 9.0 |
||
ivanti policy secure 9.0 |
MITRE says state hackers breached its network via Ivanti zero-days By Sergiu Gatlan April 19, 2024 03:02 PM 1 The MITRE Corporation says that a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. The incident was discovered after suspicious activity was detected on MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborative network used for research and development. MITRE has since notified a...
New Ivanti RCE flaw may impact 16,000 exposed VPN gateways By Bill Toulas April 5, 2024 01:40 PM 0 Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week. The flaw is tracked as CVE-2024-21894 and is a high-severity heap overflow in the IPSec component of Ivanti Connect Secure 9.x and 22.x, potentially allowing unauthenticated users to cause denial of ...
Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks By Sergiu Gatlan April 3, 2024 01:29 PM 0 IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways. Unauthenticated attackers can exploit one of them, a high-severity flaw tracked as CVE-2024-21894, to gain remote code execution and trigger denial of service states on unpatched appliances in low-complexity attacks that don't require use...
Ivanti fixes critical Standalone Sentry bug reported by NATO By Sergiu Gatlan March 20, 2024 01:08 PM 0 Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers. Standalone Sentry is deployed as an organization's Kerberos Key Distribution Center Proxy (KKDCP) server or as a gatekeeper for ActiveSync-enabled Exchange and Sharepoint servers. Tracked as CVE-2023-41724, the security flaw impacts all supported ...
Magnet Goblin hackers use 1-day flaws to drop custom Linux malware By Bill Toulas March 9, 2024 10:08 AM 1 Image: Midjourney A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems. 1-day flaws refer to publicly disclosed vulnerabilities for which a patch has been released. Threat actors looking to exploit these flaws must do so quickly before a target can apply security up...
CISA warns against using hacked Ivanti devices even after factory resets By Sergiu Gatlan February 29, 2024 03:35 PM 0 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who breached Ivanti appliances using one of multiple actively exploited vulnerabilities can maintain root persistence even after performing factory resets. Furthermore, they can also evade detection by Ivanti's internal and external Integrity Checker Tool (ICT) on Ivanti Connect Secure...
CISA cautions against using hacked Ivanti VPN gateways even after factory resets By Sergiu Gatlan February 29, 2024 03:35 PM 0 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. Furthermore, they can also evade detection by Ivanti's internal and external Integrity Checker Tool (ICT) on Iv...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Snoops had no fewer than five custom bits of malware to hand to backdoor networks
Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant's threat intel team. The software biz disclosed the vulnerabilities in Ivanti Connect Secure (ICS) β the VPN server appliance previously known as Pulse Connect Secure β and its Policy Secure gateways on Wednesday. At the time the biz said someone or some group had already found and exploited the holes. A spokesperson for Ivanti told The Register the victim count was "less t...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources At this point you might be better off just shutting the stuff down
Various miscreants are attempting to exploit the latest Ivanti flaw, a server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 that can be used to hijack equipment. That's according to threat hunters tracking the string of CVE-listed security holes plaguing the VPN gateways in recent weeks. Ivanti on January 31 disclosed and began patching CVE-2024-21893, which is present in the SAML component of of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) ap...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Critics claim now-fixed vulnerabilities weren't disclosed, flag up grouping of multiple flaws under one CVE
Critics are accusing major tech companies of not sticking to the rules when it comes to registering vulnerabilities with the appropriate authorities. Both Juniper Networks and Ivanti have attracted criticism from members of the infosec industry for the way they've handled the disclosure of vulnerabilities over the past week. The networking giant was accused of patching security flaws without disclosing them as standalone vulnerabilities, while Ivanti was called out for seemingly bundling m...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources CEO addresses whirlwind start to 2024 and how it plans to prevent a repeat
Ivanti has committed to adopting a secure-by-design approach to security as it gears up for an organizational overhaul in response to the multiple vulnerabilities in Connect Secure exploited earlier this year. CEO Jeff Abbott penned an open letter to Ivanti's customers and partners this week, saying "events in recent months have been humbling," before detailing the various changes Ivanti plans to make. "We will use this opportunity to begin a new era at Ivanti," Abbott's letter reads. "We have c...