Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
released on 2024-03-01 @ 09:53:53 AM
Cyber threat actors are actively exploiting multiple vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways that can be chained to bypass authentication, craft malicious requests, and execute arbitrary commands. This enables threat actors to implant web shells for persistence and harvest credentials stored on compromised devices.