Cyberattack News

Ivanti RCE flaw Let Attackers Execute Arbitrary Commands

Ivanti has been discovered with a new vulnerability on Ivanti Standalone Sentry that is associated with Remote code execution.

The CVE for this vulnerability has been assigned with CVE-2023-41724, and the severity was given as 9.6 (Critical).

However, Ivanti has acted swiftly upon this vulnerability and has released a security advisory to address it.

It is worth denoting that the Ivanti Connect Secure vulnerability previously discovered was one of the most exploited vulnerabilities in the wild by threat actors.

Ivanti Standalone Sentry – CVE-2023-41724

According to the reports shared with Cyber Security News, this particular vulnerability could allow an unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the affected device. 

However, as a prerequisite, the device must be within the same physical or logical network.

Additional prerequisite includes a valid TLS client certificate that must be enrolled through EPMM without which threat actors cannot exploit this vulnerability over the internet.

Document

Free Webinar : Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities. :

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

AcuRisQ, that helps you to quantify risk accurately:

This vulnerability affects all supported versions of Ivanti Standalone Sentry versions 9.17.0, 9.18.0, and 9.19.0. Versions older than these mentioned Ivanti Standalone Sentry are also at risk, as Ivanti mentioned.

Moreover, Ivanti has credited multiple security researchers like Vincent Hutsebaut, Pierre Vivegnis, Jerome Nokin, Roberto Suggi Liverani and Antonin B. of NATO Cyber Security Centre for their collaboration on this vulnerability.

Like the previous Ivanti Connect Secure, there are no reports of exploitation for this vulnerability.

Ivanti stated that the patch for this vulnerability is currently available on the standard download portal.

In addition, the company has also advised their customers to act immediately upon this issue and patch their products accordingly in order to ensure they are fully protected.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Eswar

Eswar is a Cyber security reporter with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is reporting data breach, Privacy and APT Threats.

Share
Published by
Eswar
Tags: CVE-2023-41724cyber securitycyber security newsRemote Code Execution (RCE)
1 year ago

Recent Posts

Why CISOs and CTOs Must Collaborate More Than Ever in Today’s Security Landscape

The pace of technological change in today’s business environment is unprecedented. Organizations are racing to…

7 seconds ago

Understanding Cyber Risk Appetite – A CISO’s Approach to Risk Management

Cyber risk appetite represents the amount and type of cyber risk an organization is willing…

2 minutes ago

Hackers Exploiting Microsoft 365 OAuth Workflows to Target Organizations

A new campaign by Russian threat actors. These actors are exploiting legitimate Microsoft OAuth 2.0…

6 minutes ago

Hackers Exploited 17-year-old Vulnerability to Weaponize Word Documents

Security researchers at Fortinet's FortiGuard Labs have uncovered a sophisticated phishing campaign that uses weaponized…

59 minutes ago

Marks & Spencer Confirms a Cyberattack Hits Payments & Online Orders

British retail giant Marks & Spencer (M&S) has confirmed it is dealing with a significant…

1 hour ago

The Role of AI in Modernizing Cybersecurity Programs – Insights for Security Leaders

In the face of relentless cyber threats and an ever-expanding digital attack surface, security leaders…

3 hours ago