Ivanti VPN Zero-Day Exploits: State-Sponsored Hackers at Work

Hackers are actively exploiting two critical zero-day vulnerabilities in Ivanti Connect Secure, a widely used VPN appliance, to bypass two-factor authentication and execute malicious code inside networks. The vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, allow attackers to run commands on the system, steal configuration data, modify files, and gain unfettered access to systems on the network. The attacks are attributed to a threat actor suspected of operating at the level of a Chinese nation-state, and approximately 15,000 affected Ivanti appliances are exposed to the Internet. Organizations using Ivanti Connect Secure are urged to take immediate action to mitigate the vulnerabilities.
- Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks (Ars Technica)
- Ivanti warns of Connect Secure zero-days exploited in attacks (BleepingComputer)
- State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet (TechCrunch)
- Infoseccers think attackers backed by China are behind Ivanti zero-day exploits (The Register)
- State-Sponsored Hackers Exploit Zero-Day Flaws in Ivanti VPN (PCMag)