Posted 3/20/2024, 5:08:58 PM
Ivanti Patches Critical Flaws in Multiple Products Exploited in Attacks
- Ivanti patched critical Standalone Sentry vulnerability reported by NATO allowing unauthenticated remote code execution
- Ivanti also fixed critical flaw in Neurons for ITSM enabling privilege escalation
- Multiple Ivanti products have been exploited this year by nation-state actors using 0-days before exploits become widespread
- Over 13,000 Ivanti endpoints were still vulnerable last month to exploited bugs
- CISA ordered federal agencies to immediately patch or disconnect vulnerable Ivanti VPN devices due to widespread attacks targeting zero-days