An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an malicious user to access certain restricted resources without authentication.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ivanti connect secure 22.5 |
||
ivanti connect secure 9.1 |
||
ivanti connect secure 22.4 |
||
ivanti policy secure 22.5 |
||
ivanti zero trust access 22.6 |
New Ivanti RCE flaw may impact 16,000 exposed VPN gateways By Bill Toulas April 5, 2024 01:40 PM 0 Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week. The flaw is tracked as CVE-2024-21894 and is a high-severity heap overflow in the IPSec component of Ivanti Connect Secure 9.x and 22.x, potentially allowing unauthenticated users to cause denial of ...
Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks By Sergiu Gatlan April 3, 2024 01:29 PM 0 IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways. Unauthenticated attackers can exploit one of them, a high-severity flaw tracked as CVE-2024-21894, to gain remote code execution and trigger denial of service states on unpatched appliances in low-complexity attacks that don't require use...
Ivanti fixes critical Standalone Sentry bug reported by NATO By Sergiu Gatlan March 20, 2024 01:08 PM 0 Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers. Standalone Sentry is deployed as an organization's Kerberos Key Distribution Center Proxy (KKDCP) server or as a gatekeeper for ActiveSync-enabled Exchange and Sharepoint servers. Tracked as CVE-2023-41724, the security flaw impacts all supported ...
CISA warns against using hacked Ivanti devices even after factory resets By Sergiu Gatlan February 29, 2024 03:35 PM 0 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who breached Ivanti appliances using one of multiple actively exploited vulnerabilities can maintain root persistence even after performing factory resets. Furthermore, they can also evade detection by Ivanti's internal and external Integrity Checker Tool (ICT) on Ivanti Connect Secure...
CISA cautions against using hacked Ivanti VPN gateways even after factory resets By Sergiu Gatlan February 29, 2024 03:35 PM 0 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. Furthermore, they can also evade detection by Ivanti's internal and external Integrity Checker Tool (ICT) on Iv...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Software company's claim of there being no active exploits also being questioned
In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it. Researchers at watchTowr blogged today about not being credited with the discovery of CVE-2024-22024 – the latest in a series of vulnerabilities affecting Ivanti gateways as the vendor continues to develop patches for supported versions. The high-severity authentication bypass flaw only affects a limited number of supported versions,...
Vulmon