Mitigate Vulnerabilities with Ivanti Connect Secure
Critical zero-day exploits have been discovered in Ivanti Connect Secure (ICS), formerly known as Pulse Connect Secure and Ivanti Policy Secure Gateways. The vulnerabilities impact all supported versions – Version 9.x and 22.x. These vulnerabilities are actively being exploited by advanced threat actors and pose a significant security risk. Immediate action is required to mitigate potential threats.
CISA has added three Emergency Directives for Ivanti Connect Secure and Ivanti Policy Secure, based on evidence of active exploitation.
- CVE-2024-21887 Ivanti Connect Secure and Policy Secure Command Injection Vulnerability
- CVE-2023-46805 Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability
- Ivanti Alert – Vendor Alert and Mitigation Recommendations
Patches will be released in a staggered schedule with the first version targeted to be available to customers the week of 22 January and the final version targeted to be available the week of 19 February.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the enterprise.
Recommended Mitigation Actions:
To address these vulnerabilities and enhance the security of your systems, we strongly recommend that you take the following actions:
- Review FAQs and immediately apply vendor recommended mitigations provided here.
- Patch systems as patches are made available by the vendor.
Securing the defense industrial base is a team sport. Consider joining the National Defense Information Sharing and Analysis Center (ND-ISAC) to better understand latest threats.
ND-ISAC is the official ISAC for the DIB Critical Infrastructure Sector recognized by DOD and DHS. The ND-ISAC is a private sector self-organized and self-governing entity and a trusted partner providing exceptional technical solutions and support to its members. Email ND-ISAC to contact the team or see ND-ISAC’s public-facing website below.