23 matches found
CVE-2024-21887
A command injection vulnerability in web components of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance...
MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws
The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024. The intrusion led to the compromise of its Networked Experimentation, Research, and Virtualization Environment NERVE...
Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware
At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTE...
Ivanti Connect Secure Unauthenticated Remote Code Execution Exploit
This Metasploit module chains a server side request forgery SSRF vulnerability CVE-2024-21893 and a command injection vulnerability CVE-2024-21887 to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All current...
Ivanti Connect Secure Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Connect Secure Unauthenticated Remote Code Execution', 'Description' = %q This module chains a server side request forgery SSRF...
Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsiusm, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said the base operating...
CISA: Disconnect vulnerable Ivanti products TODAY
In an emergency directive, the Cybersecurity and Infrastructure Security Agency CISA has ordered all federal agencies to disconnect all instances of Ivanti Connect Secure and Policy Secure solution products from agency networks no later than 11:59PM on Friday February 2, 2024. Besides the Ivanti...
Ivanti Policy Secure 9.x / 22.x Command Injection Vulnerability (CVE-2024-21887)
Binary data ivantipsCVE-2024-21887.nbin...
Ivanti Connect Secure 9.x / 22.x Command Injection Vulnerability (CVE-2024-21887)
Binary data ivanticsCVE-2024-21887.nbin...
Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure ICS virtual private network VPN devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as...
Ivanti Connect Secure Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Connect Secure Unauthenticated Remote Code Execution', 'Description' = %q This module chains an authentication bypass vulnerability...
Ivanti Connect Secure Unauthenticated Remote Code Execution Exploit
This Metasploit module chains an authentication bypass vulnerability and a command injection vulnerability to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x prior...
Ivanti Connect Secure Unauthenticated Remote Code Execution
This module chains an authentication bypass vulnerability CVE-2023-46805 and a command injection vulnerability CVE-2024-21887 to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions...
Exploit for Command Injection in Ivanti Connect_Secure
🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...
Exploit for Improper Authentication in Ivanti Connect_Secure
CVE-2023-46805 An authentication bypass vulnerability in the w...
CVE-2024-21887
A command injection vulnerability in web components of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance...
CVE-2024-21887
A command injection vulnerability in web components of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance...
CVE-2024-21887
CVE-2024-21887 is a command-injection vulnerability in Ivanti Connect Secure and Ivanti Policy Secure web components (9.x, 22.x) that allows an authenticated administrator to craft requests and execute arbitrary commands on the device. The issue affects web components and is tied to OS command-in...
CVE-2024-21887
A command injection vulnerability in web components of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. Recent assessments: cbeek-r7 at January 11, 2024...
Dual Zero-Day Threats in Ivanti Connect Secure and Policy Secure Gateways – CVE-2023-46805 and CVE-2024-21887
In recent and alarming cybersecurity developments, Volexity researchers have discovered that attackers are exploiting two distinct zero-day vulnerabilities in a coordinated manner to enable unauthenticated remote code execution RCE. These vulnerabilities are identified as CVE-2023-46805 and...