Security News > 2024 > September > Critical Ivanti vTM auth bypass bug now exploited in attacks
2024-09-24 17:03
CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks. [...]
News URL
Related news
- Critical auth bypass bug in CrushFTP now exploited in attacks (source)
- Ivanti warns of critical Neurons for ITSM auth bypass flaw (source)
- Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware (source)
- 41% of Attacks Bypass Defenses: Adversarial Exposure Validation Fixes That (source)
- ASUS warns of critical auth bypass flaw in routers using AiCloud (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- SAP fixes critical Netweaver flaw exploited in attacks (source)
- More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans (source)
- New "Bring Your Own Installer" EDR bypass used in ransomware attack (source)
- Fortinet fixes critical zero-day exploited in FortiVoice attacks (source)