Security News > 2024 > February > Ivanti: Patch new Connect Secure auth bypass bug immediately

Ivanti: Patch new Connect Secure auth bypass bug immediately
2024-02-08 19:45

Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to secure their appliances immediately.

Shadowserver also monitors Ivanti Connect Secure VPN instances compromised worldwide daily, with almost 250 compromised devices discovered on Wednesday, February 7.

Ivanti also provides mitigation instructions for devices that can't be secured immediately against ongoing attacks or running software versions still waiting for a patch.

Ivanti warns of new Connect Secure zero-day exploited in attacks.

Ivanti Connect Secure zero-days now under mass exploitation.

Ivanti warns of Connect Secure zero-days exploited in attacks.


News URL

https://www.bleepingcomputer.com/news/security/ivanti-patch-new-connect-secure-auth-bypass-bug-immediately/