State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet

State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet

9 months ago
Anonymous $6hYC3Wwiad

https://techcrunch.com/2024/01/11/ivanti-connect-vpn-zero-days-china-backed-hackers/

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely-used corporate VPN appliance, but said that patches won’t be available until the end of the month.

Ivanti said the two vulnerabilities — tracked as CVE-2023-46805 and CVE-2024-21887 — were found in its Ivanti Connect Secure software. Formerly known as Pulse Connect Secure, this is a remote access VPN solution that enables remote and mobile users to access corporate resources over the internet.

Last Seen
38 minutes ago
Reputation
0
Spam
0.000
Last Seen
2 hours ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
13 minutes ago
Reputation
0
Spam
0.000
Last Seen
6 hours ago
Reputation
0
Spam
0.000
Last Seen
41 minutes ago
Reputation
0
Spam
0.000
Last Seen
20 minutes ago
Reputation
0
Spam
0.000
Last Seen
18 minutes ago
Reputation
0
Spam
0.000