Tag: Ivanti

A critical server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure has become the target of widespread exploitation.

Ivanti has issued a warning about two critical vulnerabilities affecting Connect Secure, Policy Secure, and ZTA gateways, with one identified as a zero-day flaw

CISA has issued a critical directive instructing all U.S. federal agencies to disconnect vulnerable Ivanti Connect Secure and Policy Secure VPN appliances.

Two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPNs have been exploited by a Chinese nation-state threat actor.

Ivanti, a Utah-based IT software firm, is grappling with challenges in adhering to its promised timeline for delivering patches addressing critical vulnerabilities in its Connect Secure VPN

Ivanti, in a recent advisory, has cautioned administrators about a critical vulnerability affecting VPN appliances if new device configurations are pushed after

CISA has issued a directive urging federal agencies to address actively exploited zero-day flaws in Ivanti Connect Secure and Ivanti Policy Secure products.

The Ivanti Connect Secure VPN and Policy Secure network access control (NAC) appliances are under mass exploitation due to two zero-day vulnerabilities.

Ivanti has disclosed two zero-day vulnerabilities, CVE-2023-46805 and CVE-2024-21887, affecting its Connect Secure and Policy Secure gateways

Ivanti has successfully resolved a critical remote code execution (RCE) vulnerability found in its Endpoint Management software (EPM).