Ivanti Connect Secure Suffers from Heap Overflow Vulnerability, Leading to DoS Attacks
Key Information
- Vendor: Ivanti
- Products: Connect Secure, Policy Secure
- CVE Published: 4 April 2024
Summary
Vulnerability CVE-2024-21894 affects Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure and allows an unauthenticated attacker to crash the service, causing a denial of service (DoS). Under certain conditions it may also allow execution of arbitrary code. It belongs to a group of vulnerabilities, including a heap overflow, a null pointer dereference, and XML entity expansion, that pose serious threats to the security of the affected software. Ivanti has released patches addressing these vulnerabilities, and organizations are strongly recommended to apply them as soon as possible to mitigate the risk. No exploitation by threat actors, including ransomware groups, has been reported so far.
Affected Version(s)
Connect Secure < 22.1R6.2
Connect Secure < 22.2R4.2
Connect Secure < 22.3R1.2
News Articles
Numerous Ivanti VPN gateways impacted by RCE vulnerability
BleepingComputer reports that attacks leveraging a recently patched high-severity heap overflow vulnerability, tracked as CVE-2024-21894, could impact nearly 16,500 internet-exposed Ivanti Connect Secure and Policy Secure VPN gateways.
+16K Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894
Experts warn that roughly 16,500 Ivanti Connect Secure and Policy Secure gateways are still vulnerable to a remote code execution (RCE) flaw.
New Ivanti RCE flaw may impact 16,000 exposed VPN gateways
Approximately 16,500 Ivanti Connect Secure and Policy Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week.
CVSS V3.1
Timeline
- Exploit exists.
- Risk change from 9.8 to 8.2 (HIGH).
- Vulnerability published.
- First article discovered by BleepingComputer.