ivanti News Articles

Ivanti | News & Insights | The Hacker News

Read the latest updates about Ivanti on The Hacker News cybersecurity and information technology publication.

2 days ago

Ivanti fixes 4 critical flaws, including CVSS 9.9 in Connect Secure

The flaws could enable remote code execution or arbitrary file writing and should be patched immediately.

1 week ago

Ivanti Connect Secure Vulnerabilities Let Attackers Execute Code Remotely

Ivanti has disclosed a critical vulnerability, CVE-2025-22467, impacting its Connect Secure (ICS) product.  This stack-based buffer overflow vulnerability, rated 9.9 (Critical) on the CVSS v3.1 scale, allows remote authenticated attackers to execute arbitrary code on affected systems. 

1 week ago

CISA: Hackers still exploiting older Ivanti bugs to breach networks

CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks.

1 month ago

New PoC Released For Ivanti Connect Secure RCE Vulnerability (CVE-2025-0282)

Researchers have unveiled a PoC exploit for a critical RCE flaw in Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways.

Threat Brief: CVE-2025-0282 and CVE-2025-0283

CVE-2025-0282 and CVE-2025-0283 affect multiple Ivanti products. This threat brief covers attack scope, including details from an incident response case. CVE-2025-0282 and CVE-2025-0283 affect multiple Ivanti products. This threat brief covers attack scope, including details from an incident respons...

Critical Ivanti Vulnerabilities Addressed With Latest Patch

These Ivanti vulnerabilities, identified as CVE-2025-0282 and CVE-2025-0283, pose serious risks to users of affected versions.

33,542 Ivanti Connect Secure Instances Exposed as Exploitation of CVE-2025-0282 Unfolds

A critical security vulnerability, CVE-2025-0282, has been identified and exploited in the wild, affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways.

Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)

As we saw in our previous blogpost, we fully analyzed Ivanti’s most recent unauthenticated Remote Code Execution vulnerability in their Connect Secure (VPN) appliance. Specifically, we analyzed CVE-2025-0282. Today, we’re going to walk through exploitation. Once again, however, stopping short of pr...

Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure

Ivanti's CVE-2025-0282 flaw, exploited by China-linked actors, enables remote code execution. CISA demands urgent patching by January 15, 2025.

Do Secure-By-Design Pledges Come With Stickers? - Ivanti Connect Secure RCE (CVE-2025-0282)

Did you have a good break? Have you had a chance to breathe? Wake up. It’s 2025, and the chaos continues. Haha, see what we did? We wrote the exact same thing in 2024 because 2024 was exactly the same. As an industry, we are on GroundHog day -

CVE-2025-0282 and CVE-2025-0283: Ivanti 0days in the Wild | Wiz Blog

Detect and mitigate critical RCE vulnerabilities CVE-2025-0282 and CVE-2025-0283 in Ivanti VPNs. Urgent patching required to protect against 0day exploitation.

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) - Help Net Security

Ivanti has fixed a zero-day vulnerability (CVE-2025-0282) that is being exploited by attackers to compromise Connect Secure VPN appliances.

Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) - Help Net Security

The zero-day attacks leveraging the Ivanti Connect Secure vulnerability (CVE-2025-0282) were first spotted in mid-December 2024.

Ivanti VPN Zero-Day Vulnerability Actively Exploited in the Wild

Ivanti has disclosed actively exploiting a critical zero-day vulnerability, CVE-2025-0282, in its Connect Secure VPN appliances.

Ivanti’s bug-plagued network appliances attacked using fresh exploit

Multiple threat actors have begun exploiting one of four recently discovered flaws afflicting the vendor’s VPN and network gateway products.

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

Ivanti releases patches for critical flaws in CSA and Connect Secure, addressing privilege escalation and code execution risks.

Threat Landscape Report 2024 Highlight Cybersecurity Risks

The ANZ Threat Landscape Report 2024 reveals increasing cybersecurity threats in Australia and New Zealand.

How Cloudflare’s AI WAF proactively detected the Ivanti Connect Secure critical zero-day vulnerability

Prior to the vulnerabilities' announcement publicly, the WAF Attack Score AI model was able to identify the attack threats and assign scores indicating high maliciousness for the attack examples, particularly for the Remote Code Execution and Path Traversal attack categories. The issuance of Emergen...

3 More Ivanti Cloud Vulns Exploited in the Wild

The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor's Cloud Services Appliance (CSA).

Ivanti zero-day vulnerabilities exploited in chained attack | TechT...

A limited number of Ivanti Cloud Service Application customers have been attacked in exploit chains containing zero-day vulnerabilities.

Ivanti: Three CSA Zero-Days Are Being Exploited in Attacks

Ivanti’s Cloud Services Appliance is being targeted by threat actors exploiting three zero-day bugs

Ivanti warns critical flaws in Endpoint Manager exploited in the wild

Ivanti is advising administrators to get up to date on their patches following a new spell of exploits against Endpoint Manager (EPM).

Three new Ivanti CSA zero-day actively exploited in attacks

Software company Ivanti released security patches for three new CSA zero-day vulnerabilities actively exploited in attacks.

Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Ivanti warns of active exploitation of three new CSA vulnerabilities, enabling hackers to bypass security measures.

Ivanti, Critical Security Vulnerability CVE-2024-29824 SQL Injection - ZAM

On October 2, 2024, CISA issued an advisory regarding active exploitation of CVE-2024-29824, affecting Ivanti Endpoint Manager.

Critical Ivanti Vulnerability CVE-2024-29824 Under Attack

CISA warns of active exploitation of an Ivanti vulnerability, CVE-2024-29824. Patching required by October 23, 2024, to protect systems.

Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) - Help Net Security

CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers.

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability to its Known Exploited Vulnerabilities Catalog.

Ivanti Endpoint Manager Vulnerability Public Exploit is Now Used in Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability to its Known Exploited Vulnerabilities Catalog, highlighting the ongoing threat landscape faced by federal and private entities alike.

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

Critical Ivanti Endpoint Manager flaw CVE-2024-29824 actively exploited. CISA urges immediate updates to secure networks

Ivanti EPM Vulnerability Exploited in the Wild

An Ivanti EPM SQL injection vulnerability tracked as CVE-2024-29824 has been exploited to target some of the company’s customers.

Critical Ivanti RCE flaw with public exploit now used in attacks

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

More Ivanti vulnerabilities exploited in the wild | TechTarget

Three Ivanti vulnerabilities have been exploited in the wild this month, though details about the attacks are scarce.

Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) - Help Net Security

CVE-2024-7593, a critical auth bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited.

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

CISA adds Ivanti vTM flaw CVE-2024-7593 to Known Exploited Vulnerabilities list, urging swift remediation.

Ivanti's Cloud Service Attacked via Second Vuln

The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).

Ivanti Warns of Second CSA Vulnerability Exploited in Attacks

In addition to the Ivanti CSA flaw CVE-2024-8190, another vulnerability affecting the same product, CVE-2024-8963, has been exploited.

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190) - Help Net Security

CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation.

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices.

Ivanti Cloud Service Appliance flaw is being actively exploited

Ivanti warned that recently patched flaw CVE-2024-8190 in Cloud Service Appliance (CSA) is being actively exploited in the wild.

CISA warns of hackers exploiting bug for end-of-life Ivanti product

Ivanti's Cloud Service Appliance has a "high severity vulnerability" being exploited in the wild.

Newly patched Ivanti CSA flaw under active exploitation

The Cloud Service Appliance command injection vulnerability — patched as part of the final update for end-of-life CSA version 4.6 — has been attacked in the wild, Ivanti confirms.

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) - Help Net Security

Ivanti has fixed a slew of vulnerabilities in Endpoint Manager, including a maximum severity one RCE flaw (CVE-2024-29847).

Ivanti Warns Users to Patch Authentication Bypass Vulnerability

The vulnerability is due to an incorrect implementation of an authentication algorithm. Ivanti has urged users to patch a critical authentication bypass vulnerability.The flaw - tracked as...

Ivanti Virtual Traffic Manager Flaw Let Hackers Create Rogue Admin Accounts

Ivanti Virtual Traffic Manager has been discovered with a critical vulnerability that was associated with an authentication bypass.

Critical Ivanti vTM Bug Allows Unauthorized Admin Access

The CVSS 9.8 authentication bypass in Ivanti's traffic manager admin panel already has a proof-of-concept exploit (PoC) lurking in the wild.

Ivanti warns of critical vTM auth bypass with public exploit

​Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts.

Ivanti EPM - Remote Code Execution (CVE-2024-29824)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code..

Numerous Ivanti VPN gateways impacted by RCE vulnerability

BleepingComputer reports that attacks leveraging a recently patched high-severity heap overflow vulnerability, tracked as CVE-2024-21894, could impact nearly 16,500 internet-exposed Ivanti Connect Secure and Poly Secure VPN gateways.