As if two Ivanti vulnerabilities under explot wasn’t bad enough, now there are 3

As if two Ivanti vulnerabilities under explot wasn’t bad enough, now there are 3

8 months ago
Anonymous $6hYC3Wwiad

https://arstechnica.com/security/2024/02/as-if-two-ivanti-vulnerabilities-under-explot-wasnt-bad-enough-now-there-are-3/

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, researchers said Monday.

The new vulnerability, tracked as CVE-2024-21893, is what’s known as a server-side request forgery. Ivanti disclosed it on January 22, along with a separate vulnerability that so far has shown no signs of being exploited. Last Wednesday, nine days later, Ivanti said CVE-2024-21893 was under active exploitation, aggravating an already chaotic few weeks. All of the vulnerabilities affect Ivanti’s Connect Secure and Policy Secure VPN products.

Last Seen
56 minutes ago
Reputation
0
Spam
0.000
Last Seen
59 minutes ago
Reputation
0
Spam
0.000
Last Seen
26 minutes ago
Reputation
0
Spam
0.000
Last Seen
26 minutes ago
Reputation
0
Spam
0.000
Last Seen
5 hours ago
Reputation
0
Spam
0.000
Last Seen
10 minutes ago
Reputation
0
Spam
0.000
Last Seen
15 minutes ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
7 minutes ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
2 hours ago
Reputation
0
Spam
0.000