Multiple Vulnerabilities have been discovered in Ivanti Products, the most severe of which could allow for remote code execution.
Ivanti Connect Secure is a SSL VPN solution for remote and mobile users.
Ivanti Policy Secure (IPS) is a network access control (NAC) solution which provides network access only to authorized and secured users and devices.
Ivanti Neurons for Zero Trust Access (nZTA) creates a secure connection from a device to web-based applications on-premises and in the cloud
Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.