Security News > 2023 > August > Exploit released for Ivanti Sentry bug abused as zero-day in attacks

Exploit released for Ivanti Sentry bug abused as zero-day in attacks
2023-08-24 15:20

Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems.

Successful exploitation can let them run system commands or write files onto systems running Ivanti Sentry versions 9.18 and prior.

According to a Shodan search, more than 500 Ivanti Sentry instances are currently exposed online.

Ivanti warns of new actively exploited MobileIron zero-day bug.

Ivanti patches MobileIron zero-day bug exploited in attacks.

Exploit released for new Arcserve UDP auth bypass vulnerability.


News URL

https://www.bleepingcomputer.com/news/security/exploit-released-for-ivanti-sentry-bug-abused-as-zero-day-in-attacks/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 27 0 51 157 75 283
Sentry 4 1 9 2 0 12