Security News > 2024 > March > Ivanti fixes critical Standalone Sentry bug reported by NATO

Ivanti fixes critical Standalone Sentry bug reported by NATO
2024-03-20 17:08

Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.

Ivanti also fixed a second critical vulnerability in its Neurons for ITSM IT service management solution that enables remote threat actors with access to an account with low privileges to execute commands "In the context of web application's user."

Since the start of the year, nation-state actors have exploited multiple Ivanti vulnerabilities as zero-days before a wide range of threat actors started leveraging them at a larger scale to deploy various custom malware strains.

Last month, over 13,000 Ivanti Connect Secure and Policy Secure endpoints were still vulnerable to attacks targeting the same security bugs.

Over 13,000 Ivanti gateways vulnerable to actively exploited bugs.

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor.


News URL

https://www.bleepingcomputer.com/news/security/ivanti-fixes-critical-standalone-sentry-bug-reported-by-nato/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 26 9 64 115 60 248
Sentry 4 1 9 2 0 12