Security Alert (A24-10-12): Vulnerability in Ivanti Products


 

Published on: 10 October 2024

  
  

Description:

Ivanti has released a security advisory to address a vulnerability in Ivanti products. Detailed information about the vulnerability can be found at:
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-and-Policy-Secure-CVE-2024-37404

 

Affected Systems:

  • Ivanti Connect Secure versions prior to 9.1R18.9 and 22.7R2.1
  • Ivanti Policy Secure versions prior to 22.7R1.1

For detailed information of the affected systems, please refer to the corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerability could lead to remote code execution on an affected system.

 

Recommendation:

Patches for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-and-Policy-Secure-CVE-2024-37404
  • https://www.hkcert.org/security-bulletin/ivanti-products-multiple-vulnerabilities_20241010
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37404


Tag: Ivanti , Ivanti Connect Secure , Ivanti Policy Secure
Tags