1.0 Introduction
Recently, Ivanti released critical security updates for Connect Secure, Policy Secure, Ivanti Cloud Services Application and Secure Access Client to address multiple High and Critical Severity Vulnerabilities.
2.0 Impact
These vulnerabilities, if exploited, cloud led to remote code execution, unauthorized access, and exposure of sensitive data.
3.0 Affected Products
- Ivanti Connect Secure (ICS) versions 22.7R2.5 and below
- Ivanti Policy Secure (IPS) versions 22.7R1.2 and below
- Ivanti Secure Access Client (ISAC) versions 22.7R4 and below
- Ivanti Cloud Services App (CSA) versions 5.0.4 and below
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review
Ivanti Security Release
for more information and apply the necessary updates.
Kindly refer to the following URLs for more information:
- https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771?language=en_US
- https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
Generally, Cyber999 advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact Cyber999 Incident Response Centre through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web:
https://www.mycert.org.my
5.0 References
- https://www.ivanti.com/blog/topics/security-advisory
- https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
- https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-47908-CVE-2024-11771?language=en_US