Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.
The new DSLog backdoor allows threat actors to execute commands on compromised Ivanti servers remotely, and Orange Cyberdefense has confirmed its successful exploitation.
The software company Ivanti has identified yet another new vulnerability in one of its products requiring an immediate patch from users. In an advisory on Thursday afternoon, the company spotlighted CVE-2024-22024 — a vulnerability affecting Ivanti Connect Secure, Ivanti Policy Secure and ZTA gateways. The vulnerability carries a severity score of 8.3 and “allows an […]
Payloads recently found on compromised Ivanti Connect Secure appliances could be from the same, sophisticated threat actor, according to incident response provider Synacktiv. A new malware analysis from Synacktiv researcher Théo Letailleur showed that the 12 Rust payloads discovered by Volexity as part of its investigation into two Ivanti Connect Secure VPN remote code execution […]
Both Juniper Networks and Ivanti have attracted criticism from members of the infosec industry for the way they’ve handled the disclosure of vulnerabilities over the past week.
Compromised Ivanti Connect Secure IPs Last Friday, CISA issued Emergency Directive 24-01 mandating all Federal Civilian Executive Branch (FCEB) agencies to address two actively exploited vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure. These vulnerabilities, CVE-2023-46805 (an authentication bypass vulnerability) and CVE-2024-21887 (a command-injection vulnerability), when exploited in combination, allow malicious actors to achieve […]
Ivanti said it is seeing a spike in hackers targeting two recently disclosed vulnerabilities in its Connect Secure VPN product, as cybersecurity researchers also sized up the extent of the damage. Since issuing an advisory last week, “we have seen a sharp increase in threat actor activity and security researcher scans” concerning the bugs, an […]
Jan 11, 2024NewsroomCybersecurity / Zero-Day A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, […]