An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
https://cyberscoop.com/sonicwall-exploited-vulnerabilities-surge/
https://thehackernews.com/2025/04/google-reports-75-zero-days-exploited.html
https://therecord.media/cisa-ivanti-firewall-bug-exploitation
https://www.darkreading.com/vulnerabilities-threats/china-linked-threat-group-exploits-ivanti-bug
https://cyberscoop.com/china-espionage-group-ivanti-vulnerability-exploits/
https://securelist.com/vulnerabilities-and-exploits-in-q4-2024/115761/
https://cyberscoop.com/edge-device-vulnerabilities-fuel-attack-sprees/
https://www.securityweek.com/exploitation-of-new-ivanti-vpn-zero-day-linked-to-chinese-cyberspies/
https://therecord.media/china-espionage-ivanti-vulnerabilities-mandiant
https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day
https://www.theregister.com/2024/11/27/salt_typhoons_us_telcos/
https://www.darkreading.com/application-security/salt-typhoon-malware-arsenal-ghostspider
https://thehackernews.com/2024/11/chinese-hackers-use-ghostspider-malware.html
https://www.trendmicro.com/en_us/research/24/k/earth-estries.html
https://isc.sans.edu/diary/rss/31384
https://blog.talosintelligence.com/common-ransomware-actor-ttps-playbooks/
https://www.akamai.com/blog/security-research/2024-redtail-cryptominer-pan-os-cve-exploit
https://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html
https://securityaffairs.com/162811/hacking/mitre-security-breach-china.html
https://services.google.com/fh/files/misc/m-trends-2024.pdf
https://www.mitre.org/news-insights/news-release/mitre-response-cyber-attack-one-its-rd-networks
https://unit42.paloaltonetworks.com/malware-initiated-scanning-attacks/
https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement
https://hub.dragos.com/hubfs/116-Datasheets/Dragos_IntelBrief_VOLTZITE_FINAL.pdf
https://www.infosecurity-magazine.com/news/rust-payloads-ivanti-zero-days/
https://www.volexity.com/blog/2024/01/18/ivanti-connect-secure-vpn-exploitation-new-observations/
https://infosec.exchange/@[email protected]/111732557655576182
Published: 2024-01-12
Updated: 2025-01-27
Named Vulnerability: ConnectAroundKnown Exploited Vulnerability (KEV)
Base Score: 8.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:N
Severity: High
Base Score: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Severity: High
Base Score: 9.2
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N
Severity: Critical
EPSS: 0.94398
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Concern