Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats.
Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6.
“An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network,” the company said.
The flaw impacts all supported versions 9.17.0, 9.18.0, and 9.19.0, as well as older versions. The company said it has made available a patch (versions 9.17.1, 9.18.1, and 9.19.1) that can be downloaded via the standard download portal.
It credited Vincent Hutsebaut, Pierre Vivegnis, Jerome Nokin, Roberto Suggi Liverani and Antonin B. of NATO Cyber Security Centre for “their collaboration on this issue.”
Ivanti emphasised that it is not aware of any customers affected by CVE-2023-41724, and added that “threat actors without a valid TLS client certificate enrolled through EPMM cannot directly exploit this issue on the internet.”
Patched alongside CVE-2023-41724 is another critical shortcoming impacting on-premises versions of Neurons for ITSM (CVE-2023-46808, CVSS score: 9.9) that could permit an authenticated remote attacker to perform arbitrary file writes and obtain code execution.
“An authenticated remote user can perform file writes to the ITSM server,” Ivanti said. “Successful exploitation can be used to write files to sensitive directories which may allow attackers execution of commands in the context of a web application’s user.”
The vulnerability, which impacts versions 2023.3, 2023.2, and 2023.1, has already been addressed in cloud environments.
Ivanti has had to contend with a steady stream of security flaws in its software since the start of the year, with some of them subject to exploitation by at least three different suspected China-linked cyber espionage clusters tracked as UNC5221, UNC5325, and UNC3886, according to Mandiant.
The development comes as SonarSource revealed a mutation cross-site scripting (mXSS) flaw impacting an open-source email client called Mailspring aka Nylas Mail (CVE-2023-47479) that could be exploited to bypass sandbox and Content Security Policy (CSP) protections and achieve code execution when a user replies to or forwards a malicious email.
“mXSS takes advantage of that by providing a payload that seems innocent initially when parsing (during the sanitization process) but mutates it to a malicious one when re-parsing it (in the final stage of displaying the content),” security researcher Yaniv Nizry said.