- Ivanti Patches Four errors found in Connect Secure, Policy Secure and Cloud Services Applications
- The four could be used in RCE attacks
- The patches are available, and users are recommended to apply them as soon as possible
Ivanti has launched patches for four critical severity vulnerabilities discovered in several of its products.
Vulnerabilities are traced as CVE-2024-38657, CVE-2025-22467, CVE-2024-10644 and CVE-2024-47908. All these received a gravity score of 9.1/10 (critic). Different errors impact different solutions, including Connect Secure applications (ICS), Policy Secure (IPS) and cloud services (CSA).
Since they can be used for highly disruptive cyber attacks, users are recommended to apply patches without hesitation, and a security notice that contains more details about the defects mentioned above in this link can be found.
Steps
All errors can be used to execute arbitrary code, remotely. The first clean versions are Ivanti Connect Secure 22.7R2.6, Ivanti Policy Secure 22.7r1.3 and Ivanti CSA 5.0.5, and users who update these versions immediately are recommended.
Ivanti said there is no evidence of bank abuse. However, the company’s products are quite popular both in companies and in small and medium enterprises (SMB), and as such are often directed and used as an initial point of entry.
“While these products are not the final objective, the route on which the national state groups of well -collected resources are focusing their effort to try espionage campaigns against organizations of great value of high value,” said Daniel Spicer , Ivanti Cso.
“We have improved internal scan, manual exploitation and test capabilities, greater collaboration and the exchange of information with the security ecosystem, and we improve our responsible dissemination process, including becoming a CVE numbering authority “
At the end of January 2025, the United States Cybersecurity and Infrastructure Security Agency (CISA) added four Ivanti vulnerabilities to its well -known catalog of exploited vulnerability (KEV), which suggests that they were being abused in nature. The errors, which are found in Ivanti Cloud Service Appliance (CSA) and Pathers in September and October 2024, are being used in two attack chains to obtain initial access, conduct, obtain credentials and impact on web networks.
Through The hacker news
