Ivanti's authentication solution Standalone Sentry and IT service management software Neurons are vulnerable. This also affects editions that are no longer supported. In the worst case, attackers can execute malicious code. According to Ivanti, there have been no attacks so far.
Advertisement
The dangers
In a warning message, the developers advise you to quickly switch Standalone Sentry to the secured ones Version 9.17.1, 9.18.1 or 9.19.1 to update. If older editions are used, admins should upgrade to a version branch that is still supported.
If this is not done, remote attackers can access a “critical“Apply vulnerability (CVE-2023-41724) and execute your own code in the underlying system. The developers are currently not detailing what an attack might look like. The vulnerability was discovered by the NATO Cyber Security Center.
The second “critical“Gap (CVE2023-46808) affects Neurons for ITSM, Ivanti explains in a post. At this point, no longer supported editions are also at risk and an upgrade to 2023.X is necessary.
For cloud customers, the security update has already been installed. On-premise customers can find patched versions in the support area. For a successful attack, an attacker must be logged in. If this is the case, he can push files onto systems and execute his own commands. This can lead to computers being compromised.
More security issues
It wasn't until the beginning of March 2024 that persistent backdoors on Ivanti devices made headlines. In January, US authorities had to take Ivanti systems offline due to security problems.
(of the)