Ivanti has launched safety updates to deal with 4 safety flaws impacting Join Safe and Coverage Safe Gateways that would lead to code execution and denial-of-service (DoS).
The record of flaws is as follows –
- CVE-2024-21894 (CVSS rating: 8.2) – A heap overflow vulnerability within the IPSec element of Ivanti Join Safe (9.x, 22.x) and Ivanti Coverage Safe permits an unauthenticated malicious consumer to ship specifically crafted requests with the intention to crash the service thereby inflicting a DoS assault. In sure circumstances, this will result in execution of arbitrary code.
- CVE-2024-22052 (CVSS rating: 7.5) – A null pointer dereference vulnerability in IPSec element of Ivanti Join Safe (9.x, 22.x) and Ivanti Coverage Safe permits an unauthenticated malicious consumer to ship specifically crafted requests with the intention to crash the service thereby inflicting a DoS assault.
- CVE-2024-22053 (CVSS rating: 8.2) – A heap overflow vulnerability within the IPSec element of Ivanti Join Safe (9.x, 22.x) and Ivanti Coverage Safe permits an unauthenticated malicious consumer to ship specifically crafted requests with the intention to crash the service thereby inflicting a DoS assault or in sure circumstances learn contents from reminiscence.
- CVE-2024-22023 (CVSS rating: 5.3) – An XML entity enlargement or XEE vulnerability in SAML element of Ivanti Join Safe (9.x, 22.x) and Ivanti Coverage Safe permits an unauthenticated attacker to ship specifically crafted XML requests with the intention to briefly trigger useful resource exhaustion thereby leading to a limited-time DoS.
The corporate, which has been grappling with a gentle stream of safety flaws in its merchandise for the reason that begin of the 12 months, mentioned it isn’t conscious of “any clients being exploited by these vulnerabilities on the time of disclosure.”
Late final month, Ivanti shipped patches for crucial shortcoming in its Standalone Sentry product (CVE-2023-41724, CVSS rating: 9.6) that would allow an unauthenticated risk actor to execute arbitrary instructions on the underlying working system.
It additionally resolved one other crucial flaw impacting on-premises variations of Neurons for ITSM (CVE-2023-46808, CVSS rating: 9.9) that an authenticated distant attacker might abuse with the intention to carry out arbitrary file writes and procure code execution.
In an open letter printed on April 3, 2023, Ivanti’s CEO Jeff Abbott mentioned the corporate is taking a “shut look” at its personal posture and processes to satisfy the necessities of the present risk panorama.
Abbott additionally mentioned “occasions in latest months have been humbling” and that it is executing a plan that primarily adjustments its safety working mannequin by adopting secure-by-design rules, sharing data with clients with full transparency, and rearchitecting its engineering, safety, and vulnerability administration practices.
“We’re intensifying our inside scanning, guide exploitation and testing capabilities, partaking trusted third events to reinforce our inside analysis and facilitating accountable disclosure of vulnerabilities with elevated incentives round an enhanced bug bounty program,” Abbott mentioned.
