Zero-day vulnerability in Ivanti software [Wednesday, February 14, 2024]

Several actively exploited 0-day vulnerabilities were discovered in Ivanti products, including Ivanti Connect Secure and Ivanti Policy Secure. The ...
Zero-day vulnerability in Ivanti software [Wednesday, February 14, 2024]
Zero-day vulnerability in Ivanti software

Zero-day vulnerability in Ivanti software

Description :
Several actively exploited 0-day vulnerabilities were discovered in Ivanti products, including Ivanti Connect Secure and Ivanti Policy Secure. The vulnerabilities allow unauthenticated remote code execution and have been exploited by threat actors to install webshells and steal credentials. Ivanti has released patches and mitigations to address the issues. Organizations using vulnerable Ivanti products are advised to apply patches or mitigations as soon as possible and investigate for signs of compromise.

Published Created Modified
2024-02-14 09:42:59 2024-02-14 09:42:59 2024-02-14 10:02:20

Tags

Indicators

IPv4s : Domains : Malwares :
  • GLASSTOKEN
  • ZIPLINE
  • WARPWIRE
  • LIGHTWIRE
  • WIREFIRE
  • THINSPOOL
Intrusion set :
  • UTA0178
MITRE ATT&CK Techniques : Other observables :
  • CVE-2024-22024
  • CVE-2023-36661
  • CVE-2024-21888
  • CVE-2024-21893
  • CVE-2023-46805
  • CVE-2024-21887

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.