Newest Ivanti SSRF zero-day now under mass exploitation

Industry news
Post Reply
rbc
President
Posts: 291
Joined: Mon Oct 30, 2023 1:32 am
Location: Vicksburg, MS
ISC2 Member Status: Yes
Contact:

Newest Ivanti SSRF zero-day now under mass exploitation

Post by rbc »

An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers.

Ivanti first warned about the flaw in the gateway's SAML components on January 31, 2024, giving it a zero-day status for limited active exploitation, impacting a small number of customers.

Exploitation of CVE-2024-21893 allowed attackers to bypass authentication and access restricted resources on vulnerable devices (versions 9.x and 22.x).
[...]
Newest Ivanti SSRF zero-day now under mass exploitation
Robert B. Carleton + ISC2 Central Mississippi President
Post Reply