Dear all,
Ivanti has released patches to address two vulnerabilities disclosed in January: CVE-2023-46805 (an authentication bypass issue) and CVE-2024-21887 (a command injection issue). Those flaws affect Connect Secure and Policy Secure; the patches fix the vulnerabilities in some but not all affected versions of the products. Ivanti has also disclosed two new zero-day vulnerabilities, one of which is being actively exploited.
https://www.scmagazine.com/news/one-of-two-new-high-severity-bugs-in-ivanti-exploited-in-the-wild?is...
Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | SAA-C03 | CCSM | CISSP | PMP