TLP: CLEAR
  
 
CISA urges organizations to follow the updated guidance, including software updates, that Ivanti has published to their KB article, which includes:
 
- Two additional vulnerabilities in all supported versions (9.x and 22.x) of Ivanti Connect Secure and Policy Secure Gateways:
  - A privilege escalation vulnerability (CVE-2024-21888)
  - A server-side request forgery vulnerability (CVE-2024-21893)
- A cyber threat actor could exploit CVE-2024-21888 and CVE-2024-21893 to take control of an affected system. Ivanti’s KB article includes software updates that cover these vulnerabilities in specific versions of the software as well as mitigations for affected software versions that do not yet have updates.
- Software updates are also available for the previously reported Ivanti Connect Secure and Policy Secure Gateways vulnerabilities in Ivanti devices (CVE-2023-46805 and CVE-2024-21887). Note: See the KB article for the specific versions that these updates apply to as well as specific guidance on implementing the updates. Ivanti will publish additional information and software updates to the KB article as these become available.
 
Additionally, CISA has issued a Supplemental Direction to its Emergency Directive on Ivanti Vulnerabilities. Although the Supplemental Direction and Emergency Directive are only for FCEB agencies, CISA strongly encourages all organizations to review the guidance and implement it as applicable.
 
 
Multi-State Information Sharing and Analysis Center (MS-ISAC)
Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)
31 Tech Valley Drive
East Greenbush, NY 12061
 
24×7 Security Operations Center
SOC@cisecurity.org – 1-866-787-4722
 
TLP: CLEAR
Information may be distributed without restriction, subject to standard copyright rules.
 
Please send all opt-out requests to info@cisecurity.org.
 
This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
 
