Serra Ilgaz’s Post

View profile for Serra Ilgaz, graphic

A life-long learner | #TechLeadership #AIforImpact #Cybersecurity | MSc Cyber Security | MBA | BSc Industrial Engineering | Prosci ADKAR

🚨🚨All supported versions of the Ivanti Connect Secure—often abbreviated as ICS and formerly known as Pulse Secure—are still affected🚨🚨 Background: On Jan. 10, 2024, Ivanti disclosed two new vulnerabilities in their Ivanti Connect Secure (ICS) and Ivanti Policy Secure gateways: CVE-2023-46805 and CVE-2024-21887. The first CVE is a High severity authentication bypass vulnerability, and the second CVE is a Critical severity command injection vulnerability. These vulnerabilities impact all supported versions of the gateways. Details: These vulnerabilities, when exploited conjointly, facilitate remote code execution on servers, impacting all supported versions of Ivanti Connect Secure (formerly known as Pulse Secure). Notably, threat actors leverage a sophisticated evasion technique known as "living off the land," employing legitimate software and tools to obfuscate their activities. Remediation as of Jan 24th: 🚨‼️Given the gravity of these vulnerabilities and the potential repercussions of exploitation, users are strongly advised to prioritize the mitigation of these vulnerabilities, even if it necessitates a temporary suspension of VPN usage. #Cybersecurity #vulnerabilitymanagement #avanti

Mass exploitation of Ivanti VPNs is infecting networks around the globe

Mass exploitation of Ivanti VPNs is infecting networks around the globe

arstechnica.com

To view or add a comment, sign in

Explore topics