Ivanti Connect Secure and Policy Secure Attack

Released: Jan 23, 2024

Updated: Jun 25, 2024


Critical Severity

Ivanti Vendor

Attack Type


Zero-day vulnerabilities actively exploited

Widespread exploitation of zero-day vulnerabilities affecting Ivanti Connect Secure and Policy Secure gateways underway. Learn More »

Background

CVE-2023-46805 Is an Authentication Bypass Vulnerability found in the web component of Ivanti Connect Secure (ICS) and Ivanti Policy Secure to allow a remote attacker to access restricted resources by bypassing control checks. CVE-2024-21887 is a command injection vulnerability in web components of ICS and Ivanti Policy Secure. If CVE-2024-21887 is used in conjunction with CVE-2023-46805, exploitation does not require authentication and enables a threat actor to craft malicious requests and execute arbitrary commands on the system.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • Lure

  • Decoy VM

  • AV

  • AV (Pre-filter)

  • IPS

  • Web App Security

DETECT
  • IOC

  • Outbreak Detection

  • Threat Hunting

RESPOND
  • Automated Response

  • Assisted Response Services

RECOVER
  • NOC/SOC Training

  • End-User Training

IDENTIFY
  • Attack Surface Hardening

  • Attack Surface Monitoring (Inside & Outside)

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.


Loading ...

Indicators of compromise Indicators of compromise
IOC Threat Activity

Last 30 days

Chg

Avg 0