Security News

Two zero-day vulnerabilities in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers have discovered. The two security flaws affect all supported versions of Ivanti Connect Secure - formerly known as Pulse Connect Secure - and Ivanti Policy Secure.

A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity...

Ivanti has disclosed two Connect Secure and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways. Ivanti says the two zero-days have already been exploited in the wild in attacks targeting a small number of customers.

Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on...

Ivanti fixed a critical remote code execution vulnerability in its Endpoint Management software that can let unauthenticated attackers hijack enrolled devices or the core server. Ivanti EPM helps manage client devices running a wide range of platforms, from Windows and macOS to Chrome OS and IoT operating systems.

Ivanti has released security updates to fix 13 critical security vulnerabilities in the company's Avalanche enterprise mobile device management solution.As Ivanti explained on Wednesday, these security flaws are due to WLAvalancheService stack or heap-based buffer overflow weaknesses reported by Tenable security researchers and Trend Micro's Zero Day Initiative.

Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems. Successful exploitation can let them run system commands or write files onto systems running Ivanti Sentry versions 9.18 and prior.

Ivanti is urging administrators of Ivanti Sentry gateways to patch a newly discovered vulnerability that could be exploited to change configuration, run system commands, or write files onto the vulnerable system. CVE-2023-38035 is an API authentication bypass flaw that may enable unauthenticated attackers to access APIs that are used to configure the Ivanti Sentry on the administrator portal/interface, which runs by default on port 8443.

Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry that it said is being actively exploited in the wild, marking an escalation of its security woes. "If exploited, this vulnerability enables an unauthenticated actor to access some sensitive APIs that are used to configure the Ivanti Sentry on the administrator portal," the company said.

A critical authentication bypass bug in MobileIron Sentry has been exploited in the wild, its maker Ivanti said in an advisory on Monday. This vulnerability, tracked as CVE-2023-38035, is a 9.8-of-10 flaw in terms of CVSS severity, and strictly speaking lies within Ivanti Sentry, formerly known as MobileIron Sentry.