Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation

Ivanti disclosed two vulnerabilities impacting Ivanti Connect Secure VPN and Ivanti Policy Secure appliances on 10th January 2024. The exploitation of these vulnerabilities could lead to authentication bypass and command injection. Cybersecurity firm Mandiant has noted zero-day exploitation beginning as early as December 2023 by a suspected espionage threat actor. Ivanti is working alongside Mandiant and government partners to address these issues. Patches are currently being developed and Ivanti is providing advice to assist with system impact identification.