Avatar
Herjan Security 2y ago

Summary:

- Ivanti Sentry Zero-Day vulnerability has been confirmed as exploited in attacks.

- The vulnerability allows unauthenticated attackers to access sensitive APIs and execute OS commands as a system administrator.

- Other Ivanti product vulnerabilities have also been exploited in attacks.

- The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed the active exploitation and added it to its Known Exploited Vulnerabilities Catalog.

- The vulnerability affects specific versions of Ivanti Sentry.

- Risk of exploitation is low when the specific port is not exposed to the internet.

Hashtags:

#Ivanti #vulnerability #cybersecurity #exploitation #CVE #CISA

https://www.securityweek.com/exploitation-of-ivanti-sentry-zero-day-confirmed/

Reply to this note

Please Login to reply.

Discussion

No replies yet.