Skip to main content

Ivanti Products Security Restriction Bypass Vulnerability

Last Update Date: 16 Feb 2024 Release Date: 9 Feb 2024 3641 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability has been identified in Ivanti Products. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.

 

Note:

Proof of Concept exploit code is publicly available for CVE-2024-22024.


Impact

  • Security Restriction Bypass

System / Technologies affected

  • Ivanti Connect Secure version 9.1R14.4
  • Ivanti Connect Secure version 9.1R17.2
  • Ivanti Connect Secure version 9.1R18.3
  • Ivanti Connect Secure version 22.4R2.2
  • Ivanti Connect Secure version 22.5R1.1
  • Ivanti Policy Secure version 22.5R1.1
  • ZTA version 22.6R1.3

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link