A Vulnerability in Ivanti Products Could Allow for Remote Code Execution

Read Time:46 Second

A Vulnerability has been discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways which could allow for remote code execution.

Ivanti Connect Secure (formerly Pulse Connect Secure) is a widely deployed SSL VPN solution that provides secure and controlled access to corporate data and applications for remote and mobile users, offering features like single sign-on, multi-factor authentication, and integration with various security frameworks.Ivanti Policy Secure (IPS) is a Network Access Control (NAC) solution that provides network access only to authorized and secured users and devices, offering comprehensive NAC management, visibility, and monitoring to protect networks and sensitive data.Ivanti Neurons for Zero Trust Access (ZTA) Gateway is a component of Ivanti’s zero-trust network access solution

Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.

China-based SMS Phishing Triad Pivots to Banks

Google Cloud: China Achieves “Cyber Superpower” Status

Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity

Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024

SpyNote Malware Targets Android Users with Fake Google Play Pages

AI-Powered AkiraBot Evades CAPTCHA to Spam 80,000 Websites

Operation Endgame Continues with Smokeloader Customer Arrests

Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing

WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit

A Vulnerability in Ivanti Products Could Allow for Remote Code Execution

llama-cpp-b4094-11.fc42

USN-7431-1: HAProxy vulnerability

ZDI-CAN-26569: Siemens

FreeBSD-EN-25:04.tzdata

FreeBSD-EN-25:05.expat

FreeBSD-EN-25:06.daemon