Hacking News Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation

Hacking News Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation - Printable Version

+- (https://hackmyride.com/forum)
+-- Forum: Automotive Hacking (https://hackmyride.com/forum/forumdisplay.php?fid=211)
+--- Forum: News (https://hackmyride.com/forum/forumdisplay.php?fid=278)
+---- Forum: The Hacker News (https://hackmyride.com/forum/forumdisplay.php?fid=279)
+---- Thread: Hacking News Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation (/showthread.php?tid=12848)

Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation - The Hacker News - 01-31-2024

Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation

Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild.
The list of vulnerabilities is as follows -

CVE-2024-21888 (CVSS score: 8.8) - A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows

https://thehackernews.com/2024/01/alert-ivanti-discloses-2-new-zero-day.html