Security News

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
2024-10-03 06:06

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited...

Critical Ivanti RCE flaw with public exploit now used in attacks
2024-10-02 18:55

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. [...]

Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)
2024-09-25 09:41

CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation comes from the...

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns
2024-09-25 06:01

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities...

Critical Ivanti vTM auth bypass bug now exploited in attacks
2024-09-24 17:03

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited...

Ivanti patches exploited admin command execution flaw
2024-09-20 15:29

Fears over chained attacks affecting EOL product The US Cybersecurity and Infrastructure Security Agency (CISA) just added the latest Ivanti weakness to its Known Exploited Vulnerability (KEV)...

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
2024-09-20 04:18

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier...

Ivanti warns of another critical CSA flaw exploited in attacks
2024-09-19 18:39

Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. [...]

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)
2024-09-17 09:55

CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more...

Exploit code released for critical Ivanti RCE flaw, patch now
2024-09-16 19:08

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. [...]