CVE-2024-21887

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout - The recently discovered Ivanti Connect Secure zero-day vulnerabilities could impact thousands of systems and the threat actors caught exploiting them appear to have been preparing for the release of patches. Threat intelligence and incident response ...
1 year ago Securityweek.com CVE-2023-46805 CVE-2024-21887

Threat Brief: Ivanti Vulnerabilities CVE-2023-46805 and CVE-2024-21887 - On Jan. 10, 2024, Ivanti disclosed two new vulnerabilities in their Ivanti Connect Secure and Ivanti Policy Secure gateways: CVE-2023-46805 and CVE-2024-21887. The first CVE is a High severity authentication bypass vulnerability, and the second CVE ...
1 year ago Unit42.paloaltonetworks.com CVE-2023-46805 CVE-2024-21887

Ivanti discloses new zero-day flaw, releases delayed patches - Ivanti Wednesday released patches for two critical zero-day vulnerabilities that were disclosed earlier this month, but also warned customers of two new flaws, including a new zero-day that's under exploitation in the wild. In a security advisory on ...
1 year ago Techtarget.com CVE-2023-46805 CVE-2024-21887 CVE-2024-21888 CVE-2024-21893

Two Ivanti Zero-Days Actively Exploited in the Wild - Ivanti customers have been urged to follow the security vendor's suggested workaround after it confirmed that two zero-day vulnerabilities in its Connect Secure and Policy Secure gateways are being actively exploited. Connect Secure is a VPN product ...
1 year ago Infosecurity-magazine.com CVE-2023-46805 CVE-2024-21887 CVE-2023-35078 CVE-2023-35081

Ivanti confirms 2 zero-day vulnerabilities are under attack - CISA urged enterprises to address two Ivanti zero-day vulnerabilities that remain unpatched amid reports of active exploitation by a Chinese nation-state threat actor. Ivanti published a security advisory Wednesday for an authentication bypass ...
1 year ago Techtarget.com CVE-2023-46805 CVE-2024-21887

Ivanti Researchers Report Two Critical Zero-Day Vulnerabilities - Ivanti researchers this week flagged two zero-day vulnerabilities discovered in its products - CVE-2023-46805 and CVE-2024-21887- that are already being actively exploited by threat actors. The vulnerabilities were found in Ivanti Connect Secure and ...
1 year ago Darkreading.com CVE-2023-46805 CVE-2024-21887- CVE-2024-21887

CISA confirms compromise of its Ivanti systems - CISA confirmed two of its internal systems were breached by a threat actor that exploited flaws in Ivanti products used by the U.S. cybersecurity agency. Ivanti on Jan. 10 disclosed two zero-day vulnerabilities that were under exploitation by a ...
1 year ago Techtarget.com CVE-2023-46805 CVE-2024-21887

AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
7 months ago Feeds.dzone.com

Ivanti US Faces Security Crisis, Threatening Worldwide Systems - In a recent development, a critical server-side request forgery vulnerability has been discovered in Ivanti Connect Secure and Ivanti Policy Secure servers, marked as CVE-2024-21893. Security experts have confirmed that this vulnerability is being ...
1 year ago Cysecurity.news CVE-2024-21893 CVE-2023-46805 CVE-2024-21887

Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products - In an unprecedented move, the US government's cybersecurity agency CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. Within 48 hours, the agency said federal ...
1 year ago Securityweek.com CVE-2023-46805 CVE-2024-21887 CVE-2024-21888 CVE-2024-21893

Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov

Ivanti patches Connect Secure zero-day exploited since mid-March - Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. While Ivanti has yet to disclose more details ...
1 month ago Bleepingcomputer.com CVE-2025-22457

RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign - Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Network's PAN-OS software to run a sophisticated cryptomining operation that likely has nation-state backing. In ...
11 months ago Securityboulevard.com CVE-2024-3400 CVE-2023-46805 CVE-2024-21887 Andariel Lazarus Group

Ivanti Breach Prompts CISA to Take Systems Offline - According to officials, threat actors breached the Cybersecurity and Infrastructure Security Agency's systems using Ivanti product vulnerabilities back in February. Suspicious activity was first identified a month ago in two systems that were taken ...
1 year ago Darkreading.com CVE-2023-46805 CVE-2024-21887 CVE-2024-21893

1,700 Ivanti VPN devices compromised. Are yours among them? - Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. Both Volexity and Ivanti revealed on January 10 that unknown attackers have been leveraging ...
1 year ago Helpnetsecurity.com CVE-2023-46805 CVE-2024-21887

Ivanti: VPN appliances vulnerable if pushing configs after mitigation - Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day vulnerabilities. While the company didn't provide additional ...
1 year ago Bleepingcomputer.com CVE-2023-46805 CVE-2024-21887

Ivanti Connect Secure zero-days now under mass exploitation - Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control appliances are now under mass exploitation. As discovered by threat intelligence company Volexity, which also first spotted the zero-days ...
1 year ago Bleepingcomputer.com CVE-2023-46805 CVE-2024-21887 CVE-2021-22893

Ivanti Zero-Day Exploits Skyrocket Worldwide; No Patches Yet - Thousands of Ivanti VPN instances have been compromised across the globe in the last five days thanks to two serious, as yet unpatched zero-day vulnerabilities disclosed last week. Ivanti Connect Secure VPN is a virtual private network tool that ...
1 year ago Darkreading.com CVE-2023-46805 CVE-2024-21887

Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways - Ivanti has released a security update to address an authentication bypass vulnerability and a command injection vulnerability in all supported versions of Connect Secure and Policy Secure gateways. A cyber threat actor could exploit these ...
1 year ago Cisa.gov CVE-2023-46805 CVE-2024-21887

CISA Emergency Directive Orders Action on Ivanti Zero-Days - A leading US security agency has issued an emergency directive requiring all of the government's civilian federal agencies to mitigate two zero-days under active exploitation. Ivanti first disclosed the vulnerabilities on January 10, although it's ...
1 year ago Infosecurity-magazine.com CVE-2023-46805 CVE-2024-21887

Ivanti Zero-Day Patches Delayed as 'KrustyLoader' Attacks Mount - The two bugs were disclosed earlier in January, allowing unauthenticated remote code execution and authentication bypass, respectively, affecting Ivanti's Connect Secure VPN gear. While both zero days were already under active exploitation in the ...
1 year ago Darkreading.com CVE-2024-21887 CVE-2023-46805

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days - Malware hunters at Volexity on Wednesday warned that suspected Chinese nation-state hackers are actively exploiting a pair of unauthenticated remote zero-day vulnerabilities in Ivanti Connect Secure VPN devices. The vulnerabilities, tracked as ...
1 year ago Securityweek.com CVE-2023-46805 CVE-2024-21887 Hunters

Ivanti Connect Secure zero-days exploited by attackers - Two zero-day vulnerabilities in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers have discovered. Patches for these flaws are currently unavailable, but the risk of exploitation can be ...
1 year ago Helpnetsecurity.com CVE-2023-46805 CVE-2024-21887

Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation - Successful exploitation could result in authentication bypass and command injection, leading to further downstream compromise of a victim network. Mandiant has identified zero-day exploitation of these vulnerabilities in the wild beginning as early ...
1 year ago Mandiant.com CVE-2023-46805 CVE-2024-21887