Threat Brief: Multiple Ivanti Vulnerabilities [Tuesday, February 06, 2024]

Ivanti disclosed four vulnerabilities in its Connect Secure and Policy Secure products since early January 2024. Two of the vulnerabilities allow u...
Threat Brief: Multiple Ivanti Vulnerabilities [Tuesday, February 06, 2024]
Threat Brief: Multiple Ivanti Vulnerabilities

Threat Brief: Multiple Ivanti Vulnerabilities

Description :
Ivanti disclosed four vulnerabilities in its Connect Secure and Policy Secure products since early January 2024. Two of the vulnerabilities allow unauthenticated remote code execution. Proof of concept exploits have been publicly released, and attackers are actively exploiting the vulnerabilities. Ivanti has released some patches and workarounds. Palo Alto Networks products can help identify vulnerable systems and block exploitation attempts.

Published Created Modified
2024-02-06 15:53:29 2024-02-06 15:53:29 2024-02-06 16:12:01

Tags

Indicators

IPv4s : URLs : Domains : Hashes :
  • 0c9ada54a8a928a747d29d4132565c4ccecca0a02abe8675914a70e82c5918d2
  • bbfba00485901f859cf532925e83a2540adfe01556886837d8648cd92519c68d
Location :
  • United States of America
MITRE ATT&CK Techniques : Other observables :
  • CVE-2024-21888
  • CVE-2024-21893
  • CVE-2023-35078
  • CVE-2023-46805
  • CVE-2024-21887
  • Technology

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.