Ivanti has launched safety updates to deal with 4 safety flaws impacting Join Safe and Coverage Safe Gateways that would lead to code execution and denial-of-service (DoS).
The record of flaws is as follows –
- CVE-2024-21894 (CVSS rating: 8.2) – A heap overflow vulnerability within the IPSec element of Ivanti Join Safe (9.x, 22.x) and Ivanti Coverage Safe permits an unauthenticated malicious person to ship specifically crafted requests in an effort to crash the service thereby inflicting a DoS assault. In sure circumstances, this will likely result in execution of arbitrary code.
- CVE-2024-22052 (CVSS rating: 7.5) – A null pointer dereference vulnerability in IPSec element of Ivanti Join Safe (9.x, 22.x) and Ivanti Coverage Safe permits an unauthenticated malicious person to ship specifically crafted requests in an effort to crash the service thereby inflicting a DoS assault.
- CVE-2024-22053 (CVSS rating: 8.2) – A heap overflow vulnerability within the IPSec element of Ivanti Join Safe (9.x, 22.x) and Ivanti Coverage Safe permits an unauthenticated malicious person to ship specifically crafted requests in an effort to crash the service thereby inflicting a DoS assault or in sure circumstances learn contents from reminiscence.
- CVE-2024-22023 (CVSS rating: 5.3) – An XML entity enlargement or XEE vulnerability in SAML element of Ivanti Join Safe (9.x, 22.x) and Ivanti Coverage Safe permits an unauthenticated attacker to ship specifically crafted XML requests in an effort to briefly trigger useful resource exhaustion thereby leading to a limited-time DoS.
The corporate, which has been grappling with a gentle stream of safety flaws in its merchandise for the reason that begin of the yr, mentioned it isn’t conscious of “any clients being exploited by these vulnerabilities on the time of disclosure.”
Late final month, Ivanti shipped patches for crucial shortcoming in its Standalone Sentry product (CVE-2023-41724, CVSS rating: 9.6) that would allow an unauthenticated menace actor to execute arbitrary instructions on the underlying working system.
It additionally resolved one other crucial flaw impacting on-premises variations of Neurons for ITSM (CVE-2023-46808, CVSS rating: 9.9) that an authenticated distant attacker might abuse in an effort to carry out arbitrary file writes and procure code execution.
In an open letter printed on April 3, 2023, Ivanti’s CEO Jeff Abbott mentioned the corporate is taking a “shut look” at its personal posture and processes to fulfill the necessities of the present menace panorama.
Abbott additionally mentioned “occasions in current months have been humbling” and that it is executing a plan that primarily adjustments its safety working mannequin by adopting secure-by-design ideas, sharing data with clients with full transparency, and rearchitecting its engineering, safety, and vulnerability administration practices.
“We’re intensifying our inside scanning, handbook exploitation and testing capabilities, participating trusted third events to reinforce our inside analysis and facilitating accountable disclosure of vulnerabilities with elevated incentives round an enhanced bug bounty program,” Abbott mentioned.
