"Ivanti Issues Patches for Active Zero-Day Exploits in Connect Secure VPN"

Ivanti has warned of two new vulnerabilities affecting its Connect Secure, Policy Secure, and ZTA gateways. One, a zero-day bug (CVE-2024-21893), is being actively exploited and allows attackers to bypass authentication and access restricted resources. The other (CVE-2024-21888) enables threat actors to escalate privileges to those of an administrator. Patches and mitigation measures have been released. Over 460 compromised devices were discovered on January 30 alone. The vulnerabilities have been exploited in widespread attacks targeting government, military, telecom, finance, and tech organizations, with custom malware strains deployed to steal credentials and drop additional malicious payloads.
- Ivanti warns of new Connect Secure zero-day exploited in attacks (BleepingComputer)
- CISA: Attackers Are Bypassing Ivanti VPN Bug Mitigations (CRN)
- Cutting Edge, Part 2: Investigating Ivanti Connect Secure VPN Zero-Day Exploitation (Mandiant)
- Ivanti releases patches for VPN zero-days, discloses two more high-severity vulns (The Register)
- Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation (The Hacker News)