Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS).
The list of flaws is as follows –
- CVE-2024-21894 (CVSS score: 8.2) – A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service thereby causing a DoS attack. In certain conditions, this may lead to execution of arbitrary code.
- CVE-2024-22052 (CVSS score: 7.5) – A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service thereby causing a DoS attack.
- CVE-2024-22053 (CVSS score: 8.2) – A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.
- CVE-2024-22023 (CVSS score: 5.3) – An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in order to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.
Late last month, Ivanti shipped patches for critical shortcoming in its Standalone Sentry product (CVE-2023-41724, CVSS score: 9.6) that could permit an unauthenticated threat actor to execute arbitrary commands on the underlying operating system.
It also resolved another critical flaw impacting on-premises versions of Neurons for ITSM (CVE-2023-46808, CVSS score: 9.9) that an authenticated remote attacker could abuse in order to perform arbitrary file writes and obtain code execution.
Abbott also said “events in recent months have been humbling” and that it’s executing a plan that essentially changes its security operating model by adopting secure-by-design principles, sharing information with customers with complete transparency, and rearchitecting its engineering, security, and vulnerability management practices.
Source: https://thehackernews.com/