1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Critical RCE vulnerability patched by Ivanti

    From TechnologyDaily@1337:1/100 to All on Thu Mar 21 12:45:05 2024
    Critical RCE vulnerability patched by Ivanti

    Date:
    Thu, 21 Mar 2024 12:30:31 +0000

    Description:
    A vulnerability allows hackers to execute arbitrary commands on the
    underlying operating system, so download the patch now.

    FULL STORY ======================================================================

    Ivanti has released a patch for a critical vulnerability affecting its Standalone Sentry product, designed to provide authenticated apps secure access to backend resources.

    In a security advisory published last Monday, the company said that the discovered vulnerability allows threat actors to execute arbitrary commands
    on the underlying operating system of the appliance within the same physical or logical network.

    The flaw, discovered by Vincent Hutsebaut, Pierre Vivegnis, Jerome Nokin, Roberto Suggi Liverani and Antonin B. of NATO Cyber Security Centre, is tracked as CVE-2023-41724, and carries a severity score of 9.6 (critical). Patch now, or suffer the consequences

    It affects all supported versions 9.17.0, 9.18.0, and 9.19.0, as well as
    older versions. The patch is available via the standard download portal, Ivanti said, adding that it strongly encourages customers to act immediately and apply the patch without hesitation.

    We are not aware of any customers being exploited by this vulnerability at
    the time of disclosure, Ivanti concluded.

    So far, 2024 is proving to be a nightmare year for Ivanti. In early January, it discovered a remote code execution (RCE) vulnerability in its Endpoint Management Software (EPM). While it was investigating the issue, it
    discovered two more flaws in early February. Soon, news broke of mass exploitation by numerous threat actors, attacking organizations of all shapes and sizes - CISA included.

    While there was no concrete evidence, some reports suggested that even ransomware operators could have targeted vulnerable Ivanti endpoints. Others are saying that multiple Chinese state-sponsored groups have been actively exploiting these flaws.

    Ivanti Pulse Secure, one of the vulnerable products, was said to have used a decade-old Linux and outdated libraries.

    "Pulse Secure runs an 11-year-old version of Linux which hasn't been
    supported since November 2020," researcher Eclypsium said at the time. Eclypsium discovered multiple libraries which, among themselves, are vulnerable to 973 flaws. Of those, 111 have publicly known exploits. More
    from TechRadar Pro Take a look at our guide to the best firewalls Proton Pass adds passkey support for all users - even those who don't pay These are the best endpoint protection services around




    ======================================================================
    Link to news story: https://www.techradar.com/pro/critical-rce-vulnerability-patched-by-ivanti


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)