Security News > 2023 > August > Exploit released for Ivanti Sentry bug abused as zero-day in attacks
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems.
Successful exploitation can let them run system commands or write files onto systems running Ivanti Sentry versions 9.18 and prior.
According to a Shodan search, more than 500 Ivanti Sentry instances are currently exposed online.
Ivanti warns of new actively exploited MobileIron zero-day bug.
Ivanti patches MobileIron zero-day bug exploited in attacks.
Exploit released for new Arcserve UDP auth bypass vulnerability.
News URL
Related news
- Google fixes two Android zero-days used in targeted attacks (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit (source)
- Palo Alto Networks patches two firewall zero-days used in attacks (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)