Security News > 2024 > January > Ivanti warns of Connect Secure zero-days exploited in attacks
Ivanti has disclosed two Connect Secure and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways.
Ivanti says the two zero-days have already been exploited in the wild in attacks targeting a small number of customers.
"Based on our analysis, Ivanti has not found any indication that this vulnerability was introduced into our code development process maliciously. Ivanti has no indication that it has been compromised."
Last week, Ivanti said that a critical remote code execution vulnerability in its Endpoint Management software could be abused by unauthenticated attackers to hijack enrolled devices or the core server.
A month later, hackers exploited a third zero-day flaw in Ivanti's Sentry software to bypass API authentication on vulnerable devices.
Ivanti warns critical EPM bug lets hackers hijack enrolled devices.
News URL
Related news
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- Ivanti fixes EPMM zero-days chained in code execution attacks (source)
- Ivanti patches two zero-days under active attack as intel agency warns customers (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- SAP fixes suspected Netweaver zero-day exploited in attacks (source)
- More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)