- Key Cybersecurity Considerations for 2025
- Make the Most of Your Holiday Cybersecurity Awareness Efforts
- Stock your Kindle for summer: Get up to 93% off popular reads during Amazon's Book Sale
- I replaced my TV with a 4K UST projector - and the visual upgrade was worth it
- This Amazon Fire TV soundbar gave me room-filling audio without breaking the bank
Ivanti warns customers of new critical flaw exploited in the wild
“The vulnerability is a buffer overflow with a limited character space, and therefore it was initially believed to be a low-risk denial-of-service vulnerability,” incident responders from Google-owned Mandiant wrote in a report on the flaw. “We assess it is likely the threat actor studied the patch for the vulnerability in ICS 22.7R2.6 and uncovered through a complicated process, it was possible to exploit 22.7R2.5 and earlier to achieve remote code execution.”
The vulnerability also impacts Ivanti Policy Secure and Ivanti Neurons ZTA gateways when they are generated and left unconnected to a ZTA controller. These products don’t have patches available yet, but active exploitation has not currently been observed and exploitation is less likely because Ivanti Policy Secure is not meant to be connected to the internet and ZTA gateways can’t be exploited when deployed in production correction.
Ivanti estimates patches for ZTA gateways and Policy Secure will be released on April 19 and April 21, respectively. Pulse Connect Secure, being end-of-life, will not receive a patch for this issue and is already being targeted for active exploitation.
