Security News > 2023 > August > Exploit released for Ivanti Sentry bug abused as zero-day in attacks
2023-08-24 15:20
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems.
Successful exploitation can let them run system commands or write files onto systems running Ivanti Sentry versions 9.18 and prior.
According to a Shodan search, more than 500 Ivanti Sentry instances are currently exposed online.
Ivanti warns of new actively exploited MobileIron zero-day bug.
Ivanti patches MobileIron zero-day bug exploited in attacks.
Exploit released for new Arcserve UDP auth bypass vulnerability.
News URL
Related news
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Zero-day exploits plague Ivanti Connect Secure appliances for second year running (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Nominet probes network intrusion linked to Ivanti zero-day exploit (source)
- FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- New DoubleClickjacking attack exploits double-clicks to hijack accounts (source)
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) (source)