Security News

MITRE says state hackers breached its network via Ivanti zero-days
2024-04-19 19:02

The MITRE Corporation says that a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. The incident was discovered after suspicious activity was detected on MITRE's Networked Experimentation, Research, and Virtualization Environment, an unclassified collaborative network used for research and development.

Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
2024-04-18 11:59

The newest version of Ivanti Avalanche - the company's enterprise mobile device management solution - carries fixes for 27 vulnerabilities, two of which are critical and may allow a remote unauthenticated attacker to execute arbitrary commands on the underlying Windows system. Both critical vulnerabilities are heap overflow bugs: CVE-2024-29204 is in the WLAvalancheService, and CVE-2024-24996 in the WLInfoRailService component of Ivanti Avalanche before v6.4.3, and may allow unauthenticated remote attackers to execute arbitrary commands on vulnerable systems.

Ivanti warns of critical flaws in its Avalanche MDM solution
2024-04-16 19:52

Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management solution, two of them critical heap overflows that can be exploited for remote command execution. Avalanche is used by enterprise admins to remotely manage, deploy software, and schedule updates across large fleets of over 100,000 mobile devices from a single central location.

New Ivanti RCE flaw may impact 16,000 exposed VPN gateways
2024-04-05 17:40

Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution flaw the vendor addressed earlier this week. The flaw is tracked as CVE-2024-21894 and is a high-severity heap overflow in the IPSec component of Ivanti Connect Secure 9.x and 22.x, potentially allowing unauthenticated users to cause denial of service or achieve RCE by sending specially crafted requests.

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws
2024-04-05 07:15

Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The...

Ivanti commits to secure-by-design overhaul after vulnerability nightmare
2024-04-04 15:07

Ivanti has committed to adopting a secure-by-design approach to security as it gears up for an organizational overhaul in response to the multiple vulnerabilities in Connect Secure exploited earlier this year. CEO Jeff Abbott penned an open letter to Ivanti's customers and partners this week, saying "Events in recent months have been humbling," before detailing the various changes Ivanti plans to make.

Ivanti vows to transform its security operating model, reveals new vulnerabilities
2024-04-04 12:51

Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure, some of which could also lead to execution of arbitrary code or information disclosure. Three months since attackers started exploiting a string of zero-days in Ivanti Connect Secure and bypassing mitigations for them, the company's CEO has announced they will be accelerating security initiatives and improving security practices.

Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure
2024-04-04 04:45

Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS). The list of...

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks
2024-04-03 17:29

While Ivanti said the remote code execution risks are limited to "Certain conditions," the company didn't provide details on the vulnerable configurations. "We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure," Ivanti added.

CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products
2024-03-26 04:54

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation....