[CVSS 8+] Ivanti’s Security Saga: New Vulnerability Emerges

Executive Summary

Ivanti has recently disclosed a new high-severity vulnerability, CVE-2024-22024, that affects Ivanti Connect Secure, Policy Secure, and ZTA Gateways.

This vulnerability, with a CVSS score of 8.3, was disclosed following the exploitation of several other vulnerabilities in Ivanti products.

While there is currently no evidence of CVE-2024-22024 being exploited, it is crucial to apply patches immediately because the other Ivanti vulnerabilities are being actively exploited. Please refer to our recent news article for an overview of the recent critical Ivanti vulnerabilities and exploits.

About CVE-2024-22024

CVE-2024-22024 poses a significant risk to users, enabling unauthorized access to restricted resources without authentication.

Ivanti identified this XML External Entity (XXE) vulnerability, with a CVSS score of 8.3, during internal reviews. The affected versions range from Ivanti Connect Secure 9.1R14.4 to 22.5R1.1, Ivanti Policy Secure 22.5R1.1, and ZTA 22.6R1.3. Users running these versions should apply patches promptly.

Ivanti’s Recommendations

In response to CVE-2024-22024, Ivanti advises immediate patching across all affected versions, emphasizing proactive measures to mitigate potential risks.

Despite the absence of known exploits, users are urged to prioritize security by staying informed about updates from Ivanti and security analysts. Please refer to Ivanti’s advisory for more information.

Ivanti’s Security Crisis

CVE-2024-22024 adds to a series of Ivanti security flaws. Previous vulnerabilities have sparked widespread exploitation attempts, which is particularly concerning given Ivanti’s prominent use in government sectors. As a result, CISA instructed all US government agencies to disconnect Ivanti Connect Secure and Policy Secure VPN appliances by February 2, 2024.

While Ivanti has been releasing mitigations and patches, questions linger regarding the resilience of its products, underscoring the importance of proactive security measures in today’s threat landscape.

Furthermore, cybersecurity expert Kevin Beaumont raised concerns about the outdated software used in Ivanti products. He described the products as “built on old versions of a discontinued tool with components from a decade ago.” This observation underscores the supply chain risk, where weaknesses in third-party components can compromise the entire system’s security.



Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.