Critical Vulnerabilities in Ivanti Under Active Exploitation
On January 30, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) issued a critical alert regarding two vulnerabilities in Ivanti's Connect Secure and Policy Secure gateways, identified as CVE-2023-46805 and CVE-2024-21887. These vulnerabilities, related to authentication bypass and command injection, are currently being exploited by threat actors. CISA urges organizations to apply patches immediately to mitigate the risks associated with these vulnerabilities. The urgency of this situation cannot be overstated, as attackers are actively leveraging these flaws to compromise sensitive systems. Organizations relying on Ivanti's products must prioritize updates to safeguard their infrastructures and sensitive data.
Also In Security Today
- Cyber Attack on Romanian Parliament: Hackers infiltrated the Romanian Parliament’s Chamber of Deputies, exposing sensitive information of government officials, including health documents of the prime minister. The attackers have threatened to release this data unless demands are met.
- Cybersecurity Incident in New Jersey Schools: The Freehold Township school district in New Jersey closed schools following a cybersecurity incident. Officials are consulting with IT experts to address the situation, highlighting the local impact of cybersecurity threats.
- Apple's Sideloading Policy Change: Apple announced it would permit sideloading of applications on iPhones in compliance with the EU's Digital Markets Act. Experts warn that this could increase security and privacy risks for users.
Analyst's Take
Today's news emphasizes the pressing need for organizations to be vigilant against both software vulnerabilities and targeted cyberattacks. The active exploitation of Ivanti's vulnerabilities serves as a reminder that timely patching is critical. Furthermore, the breach of governmental data underscores the persistent risks facing public institutions. As we see regulatory changes like Apple's sideloading policy, defenders must remain proactive in assessing new threats to ensure robust security postures. The evolving landscape demands continual education and preparedness to mitigate risks effectively.