9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.973 High
EPSS
Percentile
99.9%
attack.mitre.org/versions/v14/matrices/enterprise/
attack.mitre.org/versions/v14/tactics/TA0003/
attack.mitre.org/versions/v14/tactics/TA0006/
attack.mitre.org/versions/v14/tactics/TA0008/
attack.mitre.org/versions/v14/techniques/T1059/001/
attack.mitre.org/versions/v14/techniques/T1078/
attack.mitre.org/versions/v14/techniques/T1190/
attack.mitre.org/versions/v14/techniques/T1203/
attack.mitre.org/versions/v14/techniques/T1505/003/
attack.mitre.org/versions/v14/techniques/T1505/003/
cisa.gov/news-events/directives/ed-24-01-mitigate-ivanti-connect-secure-and-ivanti-policy-secure-vulnerabilities
forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
forums.ivanti.com/s/article/KB44755?language=en_US
github.com/cisagov/Decider/
github.com/volexity/threat-intel/blob/main/2024/2024-01-10%20Ivanti%20Connect%20Secure/indicators/iocs.csv
learn.microsoft.com/en-us/dotnet/api/system.reflection.assembly.load?view=net-8.0
media.defense.gov/2021/Sep/28/2002863184/-1/-1/0/CSI_SELECTING-HARDENING-REMOTE-ACCESS-VPNS-20210928.PDF
nvd.nist.gov/vuln/detail/CVE-2023-46805
nvd.nist.gov/vuln/detail/CVE-2023-46805
nvd.nist.gov/vuln/detail/CVE-2023-46805
nvd.nist.gov/vuln/detail/CVE-2024-21887
nvd.nist.gov/vuln/detail/CVE-2024-21887
nvd.nist.gov/vuln/detail/CVE-2024-21887
nvd.nist.gov/vuln/detail/CVE-2024-21888
nvd.nist.gov/vuln/detail/CVE-2024-21893
nvd.nist.gov/vuln/detail/CVE-2024-21893
nvd.nist.gov/vuln/detail/CVE-2024-21893
nvd.nist.gov/vuln/detail/CVE-2024-22024
pages.nist.gov/800-63-3/
public.govdelivery.com/accounts/USDHSCISA/subscriber/new?topic_id=USDHSCISA_138
twitter.com/CISAgov
twitter.com/intent/tweet?text=Threat%20Actors%20Exploit%20Multiple%20Vulnerabilities%20in%20Ivanti%20Connect%20Secure%20and%20Policy%20Secure%20Gateways+https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
www.cisa.gov/cross-sector-cybersecurity-performance-goals
www.cisa.gov/forms/report
www.cisa.gov/forms/report
www.cisa.gov/known-exploited-vulnerabilities-catalog
www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a
www.cisa.gov/news-events/news/best-practices-mitre-attckr-mapping
www.cisa.gov/resources-tools/resources/secure-by-design-and-default
www.cisa.gov/sbom
www.cisa.gov/securebydesign
www.cyber.gc.ca/en/alerts-advisories/ivanti-connect-secure-and-ivanti-policy-secure-gateways-zero-day-vulnerabilities
www.cyber.gov.au/
www.dhs.gov
www.dhs.gov/foia
www.dhs.gov/performance-financial-reports
www.facebook.com/CISA
www.facebook.com/sharer/sharer.php?u=https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b&title=Threat%20Actors%20Exploit%20Multiple%20Vulnerabilities%20in%20Ivanti%20Connect%20Secure%20and%20Policy%20Secure%20Gateways
www.fbi.gov/contact-us/field-offices
www.fbi.gov/contact-us/field-offices
www.gov.uk/guidance/where-to-report-a-cyber-incident
www.ic3.gov/
www.instagram.com/cisagov
www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency
www.linkedin.com/sharing/share-offsite/?url=https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
www.mandiant.com/resources/blog/investigating-ivanti-exploitation-persistence
www.mandiant.com/resources/blog/investigating-ivanti-zero-day-exploitation
www.mandiant.com/resources/blog/investigating-ivanti-zero-day-exploitation
www.mandiant.com/resources/blog/investigating-ivanti-zero-day-exploitation
www.mandiant.com/resources/blog/investigating-ivanti-zero-day-exploitation
www.mandiant.com/resources/blog/suspected-apt-targets-ivanti-zero-day
www.oig.dhs.gov/
www.surveymonkey.com/r/CISA-cyber-survey?product=https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
www.usa.gov/
www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/
www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/
www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/
www.volexity.com/blog/2024/01/10/active-exploitation-of-two-zero-day-vulnerabilities-in-ivanti-connect-secure-vpn/
www.volexity.com/blog/2024/01/15/ivanti-connect-secure-vpn-exploitation-goes-global/
www.whitehouse.gov/
www.youtube.com/@cisagov
mailto:?subject=Threat%20Actors%20Exploit%20Multiple%20Vulnerabilities%20in%20Ivanti%20Connect%20Secure%20and%20Policy%20Secure%20Gateways&body=www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.973 High
EPSS
Percentile
99.9%