Ivanti Zero-Days: Your VPN Gateway is a Target. Patch NOW!
Heads up, folks! The cybersecurity world is still reeling from the active, widespread exploitation of multiple zero-day vulnerabilities in Ivanti Connect Secure and Policy Secure gateways. This isn’t just theoretical; threat actors are having a field day, making these critical network devices a prime entry point into organizations worldwide.
We’re talking about a chain of serious flaws here, including an authentication bypass (CVE-2023-46805) and a command injection (CVE-2024-21887), which together allow unauthenticated attackers to execute arbitrary commands on vulnerable appliances[1]. Adding fuel to the fire, a server-side request forgery (CVE-2024-21888), a privilege escalation (CVE-2024-21893), and a critical SSRF (CVE-2024-22024) in the SAML component were also disclosed and are actively being exploited to bypass authentication and gain root access[2]. Multiple state-sponsored groups and financially motivated threat actors are in on the action

