Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now

2025-02-12 05:57

Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below - CVE-2024-38657 (CVSS score: 9.1) - External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy

News URL

https://thehackernews.com/2025/02/ivanti-patches-critical-flaws-in.html

#critical #ivanti #policy #update #CVE-2024-38657

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-21	CVE-2024-38657	External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Ivanti		29	1	56	180	79	316

News URL

Related news

Related Vulnerability

Related vendor