PT-2025-6247 · Ivanti · Ivanti Policy Secure +1

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.3 Ivanti Policy Secure versions prior to 22.7R1.3 Description: A hardcoded key in the software allows a local authenticated attacker with admin privileges to read sensitive data. Recommendations:...

Ivanti Connect Secure 安全漏洞

Ivanti Connect Secure is a secure remote network connection tool from Ivanti USA. A security vulnerability exists in Ivanti Connect Secure versions prior to 22.7R2.3 and Ivanti Policy Secure versions prior to 22.7R1.2. An attacker can exploit the vulnerability to remotely execute code...

CVE-2024-37400

An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service...

CVE-2024-37400

CVE-2024-37400 is an out-of-bounds read in Ivanti Connect Secure prior to version 22.7R2.3 that allows a remote unauthenticated attacker to trigger an infinite loop, resulting in a denial of service. Public sources in the connected documents confirm affected product/version: Ivanti Connect Secure...

CVE-2024-47906

Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 Not Applicable to 9.1Rx and Ivanti Policy Secure before version 22.7R1.2 Not Applicable to 9.1Rx allows a local authenticated attacker to escalate privileges...

PT-2024-32884 · Ivanti · Ivanti Policy Secure +1

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.3 Ivanti Policy Secure versions prior to 22.7R1.2 Description: A stack-based buffer overflow allows a remote authenticated attacker with admin privileges to cause a denial of service...