Ivanti enterprise VPNs have a recently patched zero-day vulnerability that has been used in attacks with a backdoor called “DSLog,” according to security services provider Orange Cyberdefense.
A server-side request forgery (SSRF) vulnerability found in the SAML component of Ivanti Connect Secure, Policy Secure, and Neurons for ZTA has been tracked as CVE-2024-21893. This vulnerability could be used to obtain sensitive data without the need for authentication. When Ivanti released patches for three additional vulnerabilities in its enterprise VPN appliances, two of which were identified as exploitable zero-days in early January, the company also disclosed the vulnerability on January 31.
Ivanti stated in its advisory that “we are aware of a limited number of customers impacted by CVE-2024-21893.”
Read More: Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
