Security News > 2023 > August > Exploit released for Ivanti Sentry bug abused as zero-day in attacks
2023-08-24 15:20
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems.
Successful exploitation can let them run system commands or write files onto systems running Ivanti Sentry versions 9.18 and prior.
According to a Shodan search, more than 500 Ivanti Sentry instances are currently exposed online.
Ivanti warns of new actively exploited MobileIron zero-day bug.
Ivanti patches MobileIron zero-day bug exploited in attacks.
Exploit released for new Arcserve UDP auth bypass vulnerability.
News URL
Related news
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)