Advanced

Ivanti Connect Secure VPN CVE

Two vulnerabilities disclosed together for Ivanti Connect Secure and Ivanti Policy Secure — CVE-2023-46805 (authentication bypass, CVSS 8.2) and CVE-2024-21887 (command injection, CVSS 9....

The VPN gateway product line — Ivanti Connect Secure and Ivanti Policy Secure — is the subject of this briefing.

Ivanti Connect Secure (ICS) and Ivanti Policy Secure are VPN appliances and associated client applications used by organizations to provide secure remote access to internal networks. These products are the direct descendants of the legacy Pulse Connect Secure product line, which Ivanti acquired and rebranded.

This vulnerability disclosure is unrelated to a separate set of wide-ranging vulnerabilities disclosed roughly a month earlier in Ivanti's mobile device management suite, Avalanche. However, the Avalanche disclosure had already drawn increased attention from threat actors toward Ivanti's broader product offerings, making the VPN appliance line an attractive follow-on target.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

10 sections
  1. 1 Table of Contents
  2. 2 Module 1: Ivanti Connect Secure and Policy Secure Platform Background
  3. 3 Module 2: The Vulnerability Chain — Authentication Bypass and Command Injection
  4. 4 Module 3: CVSS Scoring and Affected Versions
  5. 5 Module 4: Active Exploitation and Threat Intelligence
  6. 6 Module 5: Risk Assessment for Affected Organizations
  7. 7 Module 6: Detection and Forensic Preservation
  8. 8 Module 7: Remediation and Recovery Workflow
  9. 9 Module 8: Ongoing Security Practices and Incident Response Follow-Up
  10. 10 Summary

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.