Volexity detects Chinese hackers exploiting Ivanti VPN zero-day vulnerabilities


A pair of unauthenticated remote zero-day vulnerabilities in Ivanti Connect Secure VPN devices are reportedly being actively exploited by Chinese state hackers, according to malware analysts at Volexity.

The flaws, identified as CVE-2023-46805 and CVE-2024-21887, impact fully patched Internet-facing Ivanti Connect Secure VPN appliances (previously called Pulse Secure). They were discovered during zero-day exploitation conducted in the wild. Pre-patch mitigations for the new vulnerabilities were made available by Ivanti, a company that has faced significant security issues.

However, the company stated that full fixes will be made available on a staggered schedule starting on January 22.

Read More: Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days