March 20, 2024 at 01:09PM
Ivanti urges customers to patch critical vulnerabilities in Standalone Sentry and Ivanti Neurons for ITSM (CVE-2023-41724 and CVE-2023-46808). Neurons cloud landscapes are secure, while on-premises deployments remain vulnerable. Although there is no evidence of exploitation, Ivanti stresses the urgency of applying the patches. Nation-state actors and other threat groups have exploited multiple Ivanti vulnerabilities.
Key takeaways from the meeting notes:
– Ivanti has warned customers to immediately patch a critical-severity vulnerability in Standalone Sentry (CVE-2023-41724), which impacts all supported versions and allows unauthenticated attackers on the same network to execute arbitrary commands in low-complexity attacks.
– Additionally, Ivanti fixed a second critical vulnerability (CVE-2023-46808) in its Neurons for ITSM IT service management solution. While this patch has been applied to all Ivanti Neurons for ITSM Cloud landscapes, on-premises deployments are still vulnerable to potential attacks.
– The company has confirmed that a patch is available via the standard download portal and strongly encourages customers to act immediately to ensure full protection, though it has not found evidence of these vulnerabilities being exploited in the wild.
– Nation-state actors have been exploiting multiple Ivanti vulnerabilities as zero-days, which led to widespread attacks targeting Ivanti Connect Secure and Policy Secure systems, with CISA issuing emergency directives to secure these systems against zero-day flaws.
– Suspected Chinese threat groups used another Connect Secure zero-day vulnerability to breach government, defense, and financial organizations across Europe and the United States three years ago.