Newest Ivanti SSRF zero-day now under mass exploitation

Posted: Mon Feb 05, 2024 11:43 pm
by rbc
An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers.

Ivanti first warned about the flaw in the gateway's SAML components on January 31, 2024, giving it a zero-day status for limited active exploitation, impacting a small number of customers.

Exploitation of CVE-2024-21893 allowed attackers to bypass authentication and access restricted resources on vulnerable devices (versions 9.x and 22.x).
[...]