Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution

Read Time:42 Second

Multiple Vulnerabilities have been discovered in Ivanti Products, the most severe of which could allow for remote code execution.

Ivanti Connect Secure is a SSL VPN solution for remote and mobile users.
Ivanti Policy Secure (IPS) is a network access control (NAC) solution which provides network access only to authorized and secured users and devices.
Ivanti Neurons for Zero Trust Access (nZTA) creates a secure connection from a device to web-based applications on-premises and in the cloud
Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Cloudflare Introduces E2E Post-Quantum Cryptography Protections

UK’s Online Safety Act: Ofcom Can Now Issue Sanctions

Researchers Confirm BlackLock as Eldorado Rebrand

Improvements in Brute Force Attacks

US Legislators Demand Transparency in Apple’s UK Backdoor Court Fight

£1M Lost as UK Social Media and Email Account Hacks Skyrocket

Security Database Aims to Empower Non-Profits

Tj-actions Supply Chain Attack Exposes 23,000 Organizations

Free file converter malware scam “rampant” claims FBI

Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution

dotnet9.0-9.0.104-1.fc40

dotnet9.0-9.0.104-1.fc41

dotnet9.0-9.0.104-1.fc42

USN-7352-1: FreeType vulnerability

USN-7299-4: X.Org X Server regression

OpenIPMI-2.0.36-1.fc41