Ivanti’s suite of products, including Connect Secure, Policy Secure, and Neurons, has long been favored by organizations seeking robust security solutions. With features tailored to address server-side request forgery (SSRF) vulnerabilities and authentication bypass flaws, Ivanti products have been instrumental in safeguarding sensitive data in today’s dynamic cyber landscape.
However, recent discoveries have uncovered several critical vulnerabilities, necessitating immediate attention. CVE-2024-21893 exposes a severe SSRF vulnerability in Ivanti Connect Secure, Policy Secure, and Neurons, posing a significant risk to data integrity. With the potential for remote exploitation, this vulnerability enables attackers to manipulate server requests, leading to unauthorized access and data compromise.
Similarly, CVE-2023-35082 and CVE-2023-35078 highlight authentication bypass vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). These vulnerabilities undermine the integrity of authentication mechanisms, allowing unauthorized users to gain access to sensitive systems and data.
Additionally, CVE-2023-46805 and CVE-2024-21887 unveil authentication bypass and command injection vulnerabilities in Ivanti Connect Secure and Policy Secure. Exploitation of these vulnerabilities could result in unauthorized administrative access and the execution of arbitrary commands, further compromising system security.
Moreover, CVE-2024-22024 introduces XML External Entity (XXE) vulnerabilities in Ivanti Connect Secure and Policy Secure, potentially exposing sensitive information to malicious actors.
The impact of these vulnerabilities is profound, posing significant risks to organizations’ data security and integrity. Unauthorized access, data breaches, and potential system compromise are among the grave consequences organizations may face if these vulnerabilities are exploited.
Recognizing the urgency of addressing these vulnerabilities, the research team at Ridge Security has responded swiftly. Through comprehensive analysis and rigorous testing, we have developed tailored solutions to mitigate the risks posed by Ivanti vulnerabilities.
RidgeBot, our AI-powered exposure management solution, offers enhanced threat protection against Ivanti vulnerabilities. Leveraging advanced scanning techniques, RidgeBot identifies vulnerable instances within organizational networks and provides actionable insights to remediate these risks effectively.
Figure1:Identification of vulnerable Ivanti instances by RidgeBot via advanced scanning techniques
Figure2:Demonstration of successful vulnerability exploitation by RidgeBot, highlighting the importance of proactive threat mitigation.
In a rapidly evolving threat landscape, proactive measures are essential to safeguarding organizational assets. Ridge Security remains committed to empowering organizations with the tools and expertise needed to navigate the complexities of cybersecurity. Contact us today to learn more about how RidgeBot can bolster your organization’s security posture.