Ivanti fixed for 4 new issues in Connect Secure and Policy Secure
2024-4-4 16:10:19 Author: securityaffairs.com(查看原文) 阅读量:13 收藏

Ivanti fixed for 4 new issues in Connect Secure and Policy Secure

Ivanti addressed four flaws impacting Connect Secure and Policy Secure Gateways that could lead to code execution and denial-of-service (DoS) condition.

Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS).

The list of vulnerabilities addressed by the company is reported below:

CVE Description CVSS Vector 
CVE-2024-21894 A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code 8.2 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H  
CVE-2024-22052 A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
CVE-2024-22053 A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.  8.2 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H  
CVE-2024-22023 An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS. 5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L  

The vulnerabilities impact all supported versions – Version 9.x and 22.x.  

 The company is not aware of attacks in the wild exploiting vulnerabilities.  

“We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure.” reads the advisory.

In March 2024, Ivanti addressed a critical remote code execution vulnerability, tracked as CVE-2023-41724 (CVSS score of 9.6), impacting Standalone Sentry solution.

An unauthenticated attacker can exploit this vulnerability to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network. 

“An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.” reads the advisory.

This vulnerability affects all supported versions 9.17.0, 9.18.0, and 9.19.0. Older versions are also impacted.

The company urge customers to install the available versions 9.17.1, 9.18.1, and 9.19.1, which address the issue.

In early February, the Five Eyes intelligence alliance issued a joint cybersecurity advisory warning of threat actors exploiting known vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways.

The advisory provides details about the exploitation in the wild of Connect Secure and Policy Secure vulnerabilities CVE-2023-46805CVE-2024-21887, and CVE-2024-21893. Multiple threat actors are chaining these issues to bypass authentication, craft malicious requests, and execute arbitrary commands with elevated privileges.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Ivanti)




文章来源: https://securityaffairs.com/161465/security/ivanti-code-execution-dos-flaws.html
如有侵权请联系:admin#unsafe.sh