Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability

April 8, 2024 at 10:54AM Researchers at the Shadowserver Foundation discovered thousands of internet-exposed Ivanti VPN appliances vulnerable to a recently disclosed CVE-2024-21894, enabling remote code execution. Ivanti released updates for this and other vulnerabilities, urging users to update instances. ShadowServer found over 16,000 affected Ivanti VPN instances, mostly in the US and Japan, with … Read more

New Ivanti RCE flaw may impact 16,000 exposed VPN gateways

April 5, 2024 at 01:47PM Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways are vulnerable to remote code execution flaw CVE-2024-21894, exposing them to potential denial of service and unauthenticated user exploitation. This high-severity vulnerability has seen significant exposure worldwide, including state-sponsored threat actors and widespread exploitation, making it crucial for system administrators to … Read more