Threat Brief: Multiple Ivanti Vulnerabilities
released on 2024-02-06 @ 03:53:29 PM
Ivanti disclosed four vulnerabilities in its Connect Secure and Policy Secure products since early January 2024. Two of the vulnerabilities allow unauthenticated remote code execution. Proof of concept exploits have been publicly released, and attackers are actively exploiting the vulnerabilities. Ivanti has released some patches and workarounds. Palo Alto Networks products can help identify vulnerable systems and block exploitation attempts.