Ivanti Resolves Critical RCE Vulnerability Reported by NATO

March 21, 2024 at 03:55 AM

•

1 min read

Ivanti Resolves Critical RCE Vulnerability Reported by NATO — Photo: The Hacker News

TL;DR Summary

Ivanti has released an urgent fix for a critical remote code execution vulnerability (CVE-2023-41724) affecting Standalone Sentry, with a CVSS score of 9.6, urging customers to apply the patches immediately. The flaw impacts multiple versions and could allow unauthenticated threat actors to execute arbitrary commands on the underlying operating system. Ivanti has credited researchers for their collaboration on the issue and emphasized the importance of applying the fix. Additionally, a mutation cross-site scripting (mXSS) flaw impacting the open-source email client Mailspring has been revealed, which could be exploited to achieve code execution when a user interacts with a malicious email.

Topics:technology #cybersecurity #ivanti #patch #remote-code-execution #technology-cybersecurity #vulnerability

Share this article

Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability The Hacker News
Ivanti fixes critical Standalone Sentry bug reported by NATO BleepingComputer
Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724) Help Net Security
Critical RCE vulnerability patched by Ivanti TechRadar
Immediate patching of critical Ivanti vulnerabilities urged SC Media

Reading Insights

Total Reads

Unique Readers

Time Saved

1 min

vs 2 min read

Condensed

67%

307 → 100 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights