Security News > 2024 > April > New Ivanti RCE flaw may impact 16,000 exposed VPN gateways

New Ivanti RCE flaw may impact 16,000 exposed VPN gateways
2024-04-05 17:40

Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution flaw the vendor addressed earlier this week.

The flaw is tracked as CVE-2024-21894 and is a high-severity heap overflow in the IPSec component of Ivanti Connect Secure 9.x and 22.x, potentially allowing unauthenticated users to cause denial of service or achieve RCE by sending specially crafted requests.

Two days later, Shadowserver added CVE-2024-21894 into its scanning capabilities, reporting that about 16,500 instances are vulnerable to the RCE flaw.

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks.

Hackers exploit critical RCE flaw in Bricks WordPress site builder.

Over 13,000 Ivanti gateways vulnerable to actively exploited bugs.


News URL

https://www.bleepingcomputer.com/news/security/new-ivanti-rce-flaw-may-impact-16-000-exposed-vpn-gateways/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-04-04 CVE-2024-21894 Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack.
network
low complexity
ivanti CWE-787
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Ivanti 23 9 60 74 51 194