Security News > 2025 > February > Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now
2025-02-12 05:57
Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below - CVE-2024-38657 (CVSS score: 9.1) - External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy
News URL
https://thehackernews.com/2025/02/ivanti-patches-critical-flaws-in.html
Related news
- Ivanti fixes three critical flaws in Connect Secure & Policy Secure (source)
- Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption (source)
- Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure (source)
- Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
- Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws (source)