Thursday, May 8, 2025

Ivanti Warns of Critical Vulnerabilities in Connect Secure, Policy Secure & Secure Access


Ivanti, the well-known provider of IT asset and service management solutions, has issued critical security updates for its products Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC).

These updates address multiple vulnerabilities, including medium, high, and critical severity issues, which, if exploited, could lead to denial of service (DoS), privilege escalation, and even remote code execution (RCE).

The company urges users to apply the patches immediately, though it reassures that there are currently no known cases of active exploitation of these vulnerabilities in the wild.


Summary of Vulnerabilities

Ivanti has identified and patched a wide range of vulnerabilities affecting its products, including stack-based buffer overflows, use-after-free bugs, command injections, and incorrect file permissions.


Some of the most severe vulnerabilities could allow attackers to gain administrative privileges or execute arbitrary code on affected systems.

Below is a detailed list of the vulnerabilities, along with their CVE numbers, descriptions, CVSS scores, and the affected products.

| CVE Number | Description | CVSS Score (Severity) | Impacted Product(s) |
|---|---|---|---|
| CVE-2024-38655 | Argument injection allowing a remote authenticated attacker with admin privileges to achieve remote code execution. | 9.1 (Critical) | Connect Secure & Policy Secure |
| CVE-2024-38656 | Argument injection allowing a remote authenticated attacker with admin privileges to achieve RCE in older versions. | 9.1 (Critical) | Connect Secure & Policy Secure |
| CVE-2024-39710 | Argument injection enabling RCE by remote authenticated admin attackers. | 9.1 (Critical) | Connect Secure & Policy Secure |
| CVE-2024-11007 | Command injection allowing a remote authenticated attacker with admin privileges to execute arbitrary commands on the system. | 9.1 (Critical) | Connect Secure & Policy Secure |
| CVE-2024-11006 | Command injection allowing RCE via remote admin attackers in vulnerable versions. | 9.1 (Critical) | Connect Secure & Policy Secure |
| CVE-2024-11005 | Command injection allowing RCE by remote admin attackers. | 9.1 (Critical) | Connect Secure & Policy Secure |

Affected Versions and Patch Availability

Ivanti has released patches to address all identified vulnerabilities. The following table outlines the affected versions and the corresponding resolved versions:

| Product Name | Affected Version(s) | Resolved Version(s) | Patch Availability |
|---|---|---|---|
| Ivanti Connect Secure (ICS) | 22.7R2.2 and prior | 22.7R2.3 | Ivanti Portal |
| Ivanti Policy Secure (IPS) | 22.7R1.1 and prior | 22.7R1.2 | Ivanti Portal |
| Ivanti Secure Access Client (ISAC) | 22.7R3 and prior | 22.7R4 | Ivanti Portal |

Ivanti recommends that users of the affected products immediately update their systems to the latest patched versions to mitigate the risk of exploitation.

Ivanti customers can download the patches from the Ivanti support portal. Given the critical nature of some of these vulnerabilities, particularly the risk of remote code execution, administrators should prioritize these updates and verify that every affected appliance and client in their environment is running a resolved version.
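A small triage script, added here as an example and not Ivanti's own tooling, that checks an inventory of installed builds against the resolved versions in the table above. It assumes (an assumption, not stated on the page) that a version string such as 22.7R2.3 orders numerically as major.minor R release.patch; the hostnames and builds in the sample inventory are constructed.

```python
import re
from typing import Tuple

# Resolved versions taken from the advisory table on this page.
RESOLVED = {
    "Ivanti Connect Secure": "22.7R2.3",
    "Ivanti Policy Secure": "22.7R1.2",
    "Ivanti Secure Access Client": "22.7R4",
}

# Assumption: "22.7R2.3" orders as (22, 7, 2, 3), i.e. major.minor R release.patch.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.(\d+))?$")


def parse_version(version: str) -> Tuple[int, int, int, int]:
    """Turn '22.7R2.3' into (22, 7, 2, 3); a missing patch field counts as 0."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Ivanti version string: {version!r}")
    major, minor, release, patch = m.groups()
    return int(major), int(minor), int(release), int(patch or 0)


def is_affected(product: str, installed: str) -> bool:
    """True when the installed build is older than the resolved version."""
    if product not in RESOLVED:
        raise KeyError(f"no resolved version known for {product!r}")
    return parse_version(installed) < parse_version(RESOLVED[product])


def triage(inventory) -> dict:
    """Map each (host, product, version) entry to 'patch required' or 'ok'."""
    return {
        host: "patch required" if is_affected(product, version) else "ok"
        for host, product, version in inventory
    }


# Constructed sample inventory: hostnames and builds are made up for the demo.
SAMPLE_INVENTORY = [
    ("vpn-gw-01", "Ivanti Connect Secure", "22.7R2.2"),
    ("vpn-gw-02", "Ivanti Connect Secure", "22.7R2.3"),
    ("nac-01", "Ivanti Policy Secure", "22.7R1.1"),
    ("laptop-ops-7", "Ivanti Secure Access Client", "22.7R4"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

A malformed version string raises ValueError rather than silently passing as "ok", so unknown builds surface for manual review.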

Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
