Security News > 2025 > February > Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now
2025-02-12 05:57
Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below - CVE-2024-38657 (CVSS score: 9.1) - External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy
News URL
https://thehackernews.com/2025/02/ivanti-patches-critical-flaws-in.html
Related news
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware (source)
- Microsoft: New Windows updates fix Active Directory policy issues (source)
- ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware (source)