News Post

Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

ArstechnicaArstechnica · 9m
Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

Multiple zero-day vulnerabilities have been identified in Ivanti Connect Secure, a widely used virtual private network (VPN) appliance, allowing threat actors to bypass two-factor authentication and execute malicious code within targeted networks. Tracked as CVE-2023-846805 and CVE-2024-21887, these vulnerabilities have been actively exploited by unidentified threat actors. The compromised appliance was used to steal configuration data, modify files, download remote files, and gain unauthorized access to internal systems. Researchers suspect that a Chinese nation-state-level threat actor is behind the attacks. Mitigation measures are advised, as there is potential for widespread exploitation if the vulnerabilities are not addressed promptly.

Comments

Download the medial app to read full posts, comements and news.