Security News > 2023 > August > Exploit released for Ivanti Sentry bug abused as zero-day in attacks
2023-08-24 15:20
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems.
Successful exploitation can let them run system commands or write files onto systems running Ivanti Sentry versions 9.18 and prior.
According to a Shodan search, more than 500 Ivanti Sentry instances are currently exposed online.
Ivanti warns of new actively exploited MobileIron zero-day bug.
Ivanti patches MobileIron zero-day bug exploited in attacks.
Exploit released for new Arcserve UDP auth bypass vulnerability.
News URL
Related news
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Ivanti warns of three more CSA zero-days exploited in attacks (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381) (source)
- Mozilla fixes Firefox zero-day actively exploited in attacks (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)