    Ivanti urgently patches 4 new flaws in Connect Secure and Policy Secure


    Report | April 4, 2024 | Editorial Department | Cyber Security / Vulnerabilities


    Ivanti has released security updates to address four security flaws affecting Connect Secure and Policy Secure gateways that could lead to code execution and denial of service (DoS).

    The list of flaws is as follows:

    • CVE-2024-21894 (CVSS Rating: 8.2) – A stack overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service, causing a DoS attack. In some cases, this may lead to the execution of arbitrary code.
    • CVE-2024-22052 (CVSS Rating: 7.5) – A null pointer dereference vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure could allow an unauthenticated malicious user to send a crafted request in order to crash the service, causing a DoS attack.
    • CVE-2024-22053 (CVSS Rating: 8.2) – A stack overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service, causing a DoS attack, or in some cases to read content from memory.
    • CVE-2024-22023 (CVSS Rating: 5.3) – An XML entity expansion (XEE) vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure could allow an unauthenticated attacker to send a crafted XML request in order to temporarily cause resource exhaustion, resulting in a limited-time DoS.

    The company, which has been working to address emerging security vulnerabilities in its products since the beginning of the year, said it was “unknown at the time of disclosure that any customers had been exploited by these vulnerabilities.”


    Late last month, Ivanti released a patch for a critical flaw in its Standalone Sentry product (CVE-2023-41724, CVSS score: 9.6) that could allow unauthenticated threat actors to execute arbitrary commands on the underlying operating system.

    It also resolved another critical flaw affecting the native version of Neurons for ITSM (CVE-2023-46808, CVSS score: 9.9) that could be abused by an authenticated remote attacker to perform arbitrary file writes and gain code execution.

    In an open letter published on April 3, 2023, Ivanti CEO Jeff Abbott said the company is “taking a hard look” at its posture and processes to meet the requirements of the current threat landscape.

    Abbott also said that “the events of recent months are alarming” and that the company is executing on a plan to reimagine its engineering, security, services, architecture and vulnerability management practices, fundamentally changing its security operating model by adopting secure design principles and sharing information with customers in a completely transparent manner.

    “We are strengthening our internal scanning, manual exploitation and testing capabilities, engaging trusted third parties to enhance our internal research, and promoting responsible disclosure of vulnerabilities through enhanced incentives for our bug bounty program,” Abbott said.
