Ivanti Researchers Report Two Critical Zero-Day Vulnerabilities
Patches will be available in late January and February, but until then, customers must take mitigation measures.
January 11, 2024
Ivanti researchers this week flagged two zero-day vulnerabilities discovered in its products, CVE-2023-46805 and CVE-2024-21887, that are already being actively exploited by threat actors.
The vulnerabilities were found in Ivanti Connect Secure (ICS) and Ivanti Policy Secure gateways and affect all supported versions (Version 9.x and 22.x). Volexity assisted in identifying and reporting the issues in Ivanti Connect Secure, Ivanti Policy Secure, and ZTA gateways.
CVE-2023-46805 is an authentication bypass vulnerability that allows threat actors to access restricted materials remotely and has a CVSS rating of 8.2. CVE-2024-21887, with a CVSS rating of 9.1, is a command injection vulnerability that allows authenticated admins to send unique requests as well as execute arbitrary commands.
Ivanti researchers reported that patches will be released in waves on a staggered schedule: a patch for the authentication bypass vulnerability will be available Jan. 22, and a patch for the command injection vulnerability is slated for Feb. 19. Mitigation is available from the vendor while the patches are being developed, and Ivanti researchers stress it's essential that customers take immediate action.
For assistance or help with questions, Ivanti is directing customers to its Success Portal to request a call or log a case. Instructions on how to apply the mitigation are available on the website.