Known Exploited Vulnerability
9.1
CRITICAL
CVE-2024-21887
Ivanti Connect Secure and Policy Secure Command In - [Actively Exploited]
Description

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

INFO

Published Date :

Jan. 12, 2024, 5:15 p.m.

Last Modified :

Nov. 29, 2024, 3:21 p.m.

Remotely Exploitable :

Yes !

Impact Score :

6.0

Exploitability Score :

2.3
CISA Notification
CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Description :

Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.

Required Action :

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes :

Please apply mitigations per vendor instructions. For more information, please see: https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2024-21887

Public PoC/Exploit Available at Github

CVE-2024-21887 has a 35 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2024-21887 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Ivanti connect_secure
2 Ivanti policy_secure

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

An old vulnerable version of pgAdmin4

Dockerfile Batchfile Makefile Shell Python JavaScript CSS HTML Mako PLpgSQL

Updated: 1 week, 1 day ago
0 stars 4 fork 4 watcher
Born at : Nov. 20, 2024, 7:31 p.m. This repo has been linked 3 different CVEs too.

None

Shell JavaScript Python TypeScript CSS Makefile HTML Mako PLpgSQL Batchfile

Updated: 3 weeks, 3 days ago
0 stars 0 fork 0 watcher
Born at : Nov. 8, 2024, 11:37 p.m. This repo has been linked 3 different CVEs too.

None

Dockerfile Batchfile Makefile Python HTML CSS Shell JavaScript Mako PLpgSQL

Updated: 1 month, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : Oct. 7, 2024, 1:35 p.m. This repo has been linked 3 different CVEs too.

None

Updated: 2 months, 3 weeks ago
0 stars 0 fork 0 watcher
Born at : Sept. 9, 2024, 1:28 a.m. This repo has been linked 128 different CVEs too.

None

HTML

Updated: 2 months, 1 week ago
2 stars 1 fork 1 watcher
Born at : Sept. 4, 2024, 9:24 a.m. This repo has been linked 128 different CVEs too.

None

HTML

Updated: 1 week, 3 days ago
6 stars 0 fork 0 watcher
Born at : Aug. 2, 2024, 6:07 a.m. This repo has been linked 123 different CVEs too.

None

Updated: 1 week, 5 days ago
4 stars 0 fork 0 watcher
Born at : June 14, 2024, 6:54 a.m. This repo has been linked 95 different CVEs too.

CLI utility to query Shodan's CVE DB

cve-search shodan shodan-client

Go

Updated: 4 weeks ago
2 stars 0 fork 0 watcher
Born at : May 12, 2024, 10 a.m. This repo has been linked 31 different CVEs too.

None

HTML Python

Updated: 5 months ago
13 stars 1 fork 1 watcher
Born at : April 17, 2024, 8:46 a.m. This repo has been linked 100 different CVEs too.

Practical steps to help mitigate the risk of Zero-Day vulnerabilities

Updated: 8 months, 1 week ago
1 stars 0 fork 0 watcher
Born at : March 12, 2024, 12:10 p.m. This repo has been linked 4 different CVEs too.

This repository is dedicated to specific tasks aimed at improving threat detection, analysis, and mitigation capabilities within the scope of Siber Koza's CTI Platform Project, on a weekly basis.

Python

Updated: 3 weeks, 6 days ago
5 stars 0 fork 0 watcher
Born at : March 2, 2024, 9:40 p.m. This repo has been linked 5 different CVEs too.

Rust Library for AttackerKB API

Shell Rust

Updated: 9 months, 1 week ago
1 stars 0 fork 0 watcher
Born at : Feb. 19, 2024, 3:08 a.m. This repo has been linked 2 different CVEs too.

None

Updated: 9 months, 2 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 16, 2024, 12:38 p.m. This repo has been linked 37 different CVEs too.

Invanti VPN Vulnerabilities for Jan - Feb 2024 - Links to Keep it all Organized

Updated: 3 weeks, 5 days ago
15 stars 0 fork 0 watcher
Born at : Feb. 12, 2024, 9:31 p.m. This repo has been linked 6 different CVEs too.

Ivanti Connect Secure & Ivanti Policy Secure allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. (RCE Exploits)

cve-2024-21887 exploit-code rce-exploit remote-code-execution

Python

Updated: 8 months, 1 week ago
1 stars 0 fork 0 watcher
Born at : Feb. 9, 2024, 6:07 p.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-21887 vulnerability anywhere in the article.

  • The Cyber Express
Critical ICS Vulnerabilities Discovered in Schneider Electric, mySCADA, and Automated Logic Products

A recent Cyble ICS vulnerabilities report sheds light on several critical vulnerabilities in industrial control systems (ICS) from major vendors including Schneider Electric, mySCADA, and Automated Lo ... Read more

Published Date: Nov 29, 2024 (4 days, 4 hours ago)
  • The Cyber Express
Zyxel Firewalls Targeted by Helldown Ransomware: CVE-2024-11667 Exploited

Zyxel Firewalls have become a key target in recent cyberattacks, with attackers exploiting a critical vulnerability to deploy the dangerous Helldown ransomware. The German CERT (CERT-Bund) has issued ... Read more

Published Date: Nov 29, 2024 (4 days, 7 hours ago)
  • The Cyber Express
Australia’s New Cyber Security Act: Mandatory Ransom Payment Reporting

The Australian government has passed the new Cyber Security Act, which was recently approved by Parliament. One of the most critical provisions of this new law mandates that organizations must report ... Read more

Published Date: Nov 28, 2024 (5 days, 5 hours ago)
  • The Cyber Express
Critical Flaw in Oracle Agile PLM Framework Exposes Sensitive Data: Patch Now

Oracle’s Agile Product Lifecycle Management (PLM) software has been flagged for a security vulnerability (CVE-2024-21287) by CERT-In (Computer Emergency Response Team – India). The vulnerability, cata ... Read more

Published Date: Nov 28, 2024 (5 days, 7 hours ago)
  • The Register
Salt Typhoon's surge extends far beyond US telcos

The reach of the China-linked Salt Typhoon gang extends beyond telecommunications giants in the United States, and its arsenal includes several backdoors – including a brand-new malware dubbed GhostSp ... Read more

Published Date: Nov 27, 2024 (5 days, 17 hours ago)
  • The Cyber Express
Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled

A Russia-aligned hacking group, known as RomCom (also identified as Storm-0978, Tropical Scorpius, or UNC2596), has successfully exploited two zero-day vulnerabilities—one in Mozilla Firefox and anoth ... Read more

Published Date: Nov 27, 2024 (6 days, 6 hours ago)
  • The Cyber Express
AI Red Teaming in Focus: Why CISA Advocates a Secure by Design Approach

Artificial Intelligence (AI) has become a critical enabler across sectors, reshaping industries from healthcare to transportation. However, with its transformative potential comes a spectrum of safety ... Read more

Published Date: Nov 27, 2024 (6 days, 10 hours ago)
  • Cybersecurity News
CVE-2024-21887 and More: How Earth Estries APT Group Exploits VPNs & Servers

Campaign Alpha overview | Image: Trend MicroIn a detailed report from Trend Micro, the Chinese advanced persistent threat (APT) group Earth Estries, also known by aliases like Salt Typhoon and GhostEm ... Read more

Published Date: Nov 27, 2024 (6 days, 15 hours ago)
  • Dark Reading
Salt Typhoon Builds Out Malware Arsenal With GhostSpider

Source: 3D generator via Alamy Stock PhotoThe Chinese threat actor known as Salt Typhoon has been spying on some high-value government and telecommunications organizations for several years now, recen ... Read more

Published Date: Nov 26, 2024 (6 days, 20 hours ago)
  • The Cyber Express
CISA Adds Array Networks’ CVE-2023-28461 to KEV List: Critical Patching Urged

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a critical security flaw, CVE-2023-28461, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability i ... Read more

Published Date: Nov 26, 2024 (1 week ago)
  • The Hacker News
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications c ... Read more

Published Date: Nov 26, 2024 (1 week ago)
  • BleepingComputer
Salt Typhoon hackers backdoor telcos with new GhostSpider malware

The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers. The backdoor was discovered by T ... Read more

Published Date: Nov 25, 2024 (1 week, 1 day ago)
  • Trend Micro
Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions

APT & Targeted Attacks Since 2023, APT group Earth Estries has aggressively targeted key industries globally with sophisticated techniques and new backdoors, like GHOSTSPIDER and MASOL RAT, for prolon ... Read more

Published Date: Nov 25, 2024 (1 week, 1 day ago)
  • The Cyber Express
Apple Security Update: Addressing Critical Vulnerabilities in Apple Software

Apple recently rolled out a security update that addresses critical vulnerabilities in multiple Apple devices. Released on November 19, the Apple security update impacts various platforms, including i ... Read more

Published Date: Nov 20, 2024 (1 week, 6 days ago)
  • The Cyber Express
Palo Alto Reports Two More Bugs in PAN-OS That Are Being Actively Exploited

An alarming set of chained vulnerabilities in Palo Alto Networks’ PAN-OS software has sparked concerns that attackers could seize administrator privileges through an authentication bypass. The first v ... Read more

Published Date: Nov 18, 2024 (2 weeks ago)
  • The Cyber Express
High-Severity Vulnerability in Cisco ECE Could Lead to Denial of Service, CERT-In Issues Alert

The Computer Emergency Response Team of India (CERT-In) has issued a high-severity alert regarding a newly identified vulnerability in Cisco’s Enterprise Chat and Email (ECE) platform. Tagged as CERT- ... Read more

Published Date: Nov 15, 2024 (2 weeks, 4 days ago)
  • The Cyber Express
Key ICS Vulnerabilities Identified in Latest CISA Advisories

The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued a series of security advisories, shedding light on several critical vulnerabilities affecting Industrial Control Systems ... Read more

Published Date: Nov 14, 2024 (2 weeks, 5 days ago)
  • The Cyber Express
CISA Alerts: Five Newly Exploited Vulnerabilities Added to Critical Watchlist

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of their active ... Read more

Published Date: Nov 13, 2024 (2 weeks, 6 days ago)
  • The Cyber Express
Top 15 Exploited Cyber Vulnerabilities Revealed: Five Eyes Alliance Urges Immediate Patching

The FBI, NSA, and allied agencies within the Five Eyes intelligence network have published a list of the 15 most exploited vulnerabilities from 2023. The cybersecurity advisory, a collaborative effort ... Read more

Published Date: Nov 13, 2024 (2 weeks, 6 days ago)
  • The Cyber Express
Microsoft’s November 2024 Patch Tuesday Addresses 91 Vulnerabilities, Including Four Critical Zero-Days

Microsoft rolled out its monthly security updates as part of the Microsoft November 2024 Patch Tuesday cycle. The company addressed a total of 91 vulnerabilities, with four of them being classified as ... Read more

Published Date: Nov 13, 2024 (2 weeks, 6 days ago)
  • The Cyber Express
HPE Issues Urgent Patches for Critical Vulnerabilities in Aruba Networking Access Points

Hewlett Packard Enterprise (HPE) has issued critical security patches to address several vulnerabilities affecting its Aruba Networking Access Point products. These vulnerabilities (CVE-2024-42509 and ... Read more

Published Date: Nov 12, 2024 (3 weeks ago)
  • The Cyber Express
Google Chrome Users at Risk: CERT-In Advises Urgent Update to Fix Security Flaws

The Indian Computer Emergency Response Team (CERT-In) has issued a warning about newly discovered vulnerabilities in Google Chrome that could pose significant risks to users. These vulnerabilities, id ... Read more

Published Date: Nov 12, 2024 (3 weeks ago)
  • The Cyber Express
Critical WPLMS WordPress Theme Vulnerability Puts Websites at Risk of RCE Attacks

A newly discovered vulnerability in the WPLMS WordPress theme threatens websites with potential Remote Code Execution (RCE) due to a critical path traversal flaw. CVE-2024-10470, a vulnerability in th ... Read more

Published Date: Nov 11, 2024 (3 weeks ago)
  • The Cyber Express
D-Link to Not Fix Critical Bug Found in End-of-Life NAS Devices

A severe security flaw in outdated D-Link network-attached storage (NAS) devices leaves over 61,000 units exposed online with no patches. Researchers have identified a command injection vulnerability ... Read more

Published Date: Nov 11, 2024 (3 weeks ago)
  • The Cyber Express
CISA Warns of Critical Vulnerabilities in Industrial Control Systems Affecting Key Infrastructure Sectors

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued multiple advisories alerting the public to critical vulnerabilities affecting industrial control systems (ICS) equipment deploye ... Read more

Published Date: Nov 11, 2024 (3 weeks, 1 day ago)
  • The Cyber Express
CISA Alerts Fed Agencies of Active Exploitation of Palo Alto Networks’ CVE-2024-5910

A missing authentication flaw in Palo Alto Networks’ Expedition tool now jeopardizes firewall configurations across sectors, with attackers actively exploiting this vulnerability in the wild. The U.S. ... Read more

Published Date: Nov 08, 2024 (3 weeks, 4 days ago)
  • The Cyber Express
Critical Command Injection Vulnerability Hits Cisco’s Wireless Backhaul Devices

Cisco’s Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul (URWB) Access Points contain a severe vulnerability that potentially allows attackers to execute commands with root pr ... Read more

Published Date: Nov 07, 2024 (3 weeks, 4 days ago)
  • BleepingComputer
Cisco bug lets hackers run commands as root on UWRB access points

Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivit ... Read more

Published Date: Nov 06, 2024 (3 weeks, 5 days ago)
  • The Cyber Express
Google Addresses Two Android Zero-Days Used in Targeted Attacks

In its November security update, Google has patched two critical Android zero-days actively exploited in targeted attacks, along with 49 additional vulnerabilities. Google flagged these zero-day flaws ... Read more

Published Date: Nov 06, 2024 (3 weeks, 5 days ago)
  • The Cyber Express
Critical ICS Vulnerabilities Exposed: CISA Advisories Urge Immediate Action

Cyble Research & Intelligence Labs (CRIL) has released a new report focusing on critical Industrial Control System (ICS) vulnerabilities, with insights derived from recent advisories issued by the Cyb ... Read more

Published Date: Nov 05, 2024 (4 weeks ago)
  • The Cyber Express
CISA Flags Critical Security Flaws in PTZOptics Cameras, Urges Swift Action by Federal Agencies

The Cybersecurity and Infrastructure Security Agency (CISA) has added two newly discovered vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog following confirmed reports of active ex ... Read more

Published Date: Nov 05, 2024 (4 weeks ago)
  • The Cyber Express
FortiManager May Still Be Vulnerable Despite ‘FortiJump’ Patch

The ‘FortiJump’ vulnerability in Fortinet’s FortiManager management platform may not have been completely fixed by the company’s patch issued last month. A screen recording posted to X (formerly known ... Read more

Published Date: Nov 04, 2024 (4 weeks ago)
  • The Cyber Express
Cyble Warns of Escalating Cyber Risks in IoT and WordPress Plugins Amid Phishing Surge

In the latest edition of Cyble’s weekly sensor intelligence report, cybersecurity experts revealed a concerning surge in attacks targeting the LightSpeed Cache and GutenKit WordPress plugins. As the r ... Read more

Published Date: Nov 04, 2024 (4 weeks, 1 day ago)
  • The Cyber Express
New Vulnerabilities in Fortinet, SonicWall, and Grafana Pose Significant Risks

Cyble Research and Intelligence Labs (CRIL) has identified new IT vulnerabilities affecting Fortinet, SonicWall, Grafana Labs, and CyberPanel, among others. The report for the week of October 23-29 hi ... Read more

Published Date: Nov 04, 2024 (4 weeks, 1 day ago)
  • The Cyber Express
Nearly 1 Million Vulnerable Fortinet, SonicWall Devices Exposed to the Web

Nearly 1 million Fortinet and SonicWall devices with actively exploited vulnerabilities are exposed on the internet, according to Cyble’s weekly vulnerability report published today. The report also l ... Read more

Published Date: Nov 01, 2024 (1 month ago)
  • The Cyber Express
Apple Silences the Critics: visionOS 2.1 Plugs Major Security Holes

Apple has launched the highly anticipated visionOS 2.1 update for its innovative mixed reality headset, the Apple Vision Pro. This update is particularly important as it addresses a range of Apple Vis ... Read more

Published Date: Oct 29, 2024 (1 month ago)
  • The Cyber Express
IoT Vulnerabilities Exposed: Philips Smart Bulbs Pose Risks to Home Wi-Fi Security

In an era where the Internet of Things (IoT) promises convenience and efficiency, the rapid adoption of smart home technology comes with hidden security risks. From smart fridges to light bulbs, IoT d ... Read more

Published Date: Oct 28, 2024 (1 month ago)
  • The Cyber Express
‘I’m not a Robot’ reCAPTCHA Trojanized by Russian Hackers to Target Local Ukrainian Government

Ukraine is confronting a new cyberattack vector from Russian military intelligence (GRU) connected hackers that is targeting local governments. The Computer Emergency Response Team of Ukraine (CERT-UA ... Read more

Published Date: Oct 25, 2024 (1 month, 1 week ago)
  • The Cyber Express
Cisco Patches Critical Vulnerability Affecting VPN Services

Cisco Systems released a critical advisory regarding a vulnerability in the Remote Access VPN (RAVPN) service associated with its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) s ... Read more

Published Date: Oct 25, 2024 (1 month, 1 week ago)
  • The Cyber Express
Cyble Sensors Uncover Cyberattacks on Java Framework and IoT Devices

Cyble vulnerability intelligence unit has shared a report, detailing the recent cyberattacks on the Spring Java framework and hundreds of thousands of Internet of Things (IoT) devices. The report shed ... Read more

Published Date: Oct 23, 2024 (1 month, 1 week ago)
  • The Cyber Express
High-Risk ICS Vulnerability Exposes ICONICS and Mitsubishi Electric Products to Data Breaches

The Cybersecurity and Infrastructure Security Agency (CISA), on October 22, 2024, issued a new advisory targeting Industrial Control Systems (ICS). One of the most significant vulnerabilities highligh ... Read more

Published Date: Oct 23, 2024 (1 month, 1 week ago)
  • The Cyber Express
Multiple High-Severity Vulnerabilities Found in Bitdefender Products: Patch Now

Bitdefender has recently alerted users to critical vulnerabilities within Bitdefender Total Security and SafePay, necessitating immediate action to protect against online threats. These Bitdefender vu ... Read more

Published Date: Oct 23, 2024 (1 month, 1 week ago)
  • The Cyber Express
Splunk’s Recent Security Advisory: Addressing Vulnerabilities in Splunk Enterprise

Splunk has recently issued a security advisory aimed at addressing multiple vulnerabilities within its Splunk Enterprise software. The advisory categorizes these Splunk vulnerabilities into three main ... Read more

Published Date: Oct 22, 2024 (1 month, 1 week ago)
  • The Cyber Express
CVE-2024-9537: CISA Warns of Unpatched ScienceLogic SL1 Exploit in Active Use

U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog-CVE-2024-9537. This vulnerability affects ScienceLogic SL1 ( ... Read more

Published Date: Oct 22, 2024 (1 month, 1 week ago)
  • The Cyber Express
Dumbest Thing in Security This Week: The Most Exploited Vulnerability Is…

Cyble’s weekly sensor report is an always fascinating look at the vulnerabilities that threat actors are actively exploiting. While new vulnerabilities are quickly exploited, older ones are still expl ... Read more

Published Date: Oct 18, 2024 (1 month, 2 weeks ago)
  • The Cyber Express
Critical Vulnerability in Kubernetes Image Builder Exposes Nodes to Root Access

A new security risk has emerged in the Kubernetes Image Builder, posing a critical threat to organizations that utilize this tool for managing their containerized environments. The Kubernetes Image Bu ... Read more

Published Date: Oct 18, 2024 (1 month, 2 weeks ago)
  • The Cyber Express
GitHub Issues Urgent Security Advisory on Critical Vulnerability in GitHub Enterprise Server

GitHub has released a critical security advisory highlighting vulnerabilities that merit immediate action from users of GitHub Enterprise Server (GHES). The advisory focuses on a GitHub vulnerability ... Read more

Published Date: Oct 17, 2024 (1 month, 2 weeks ago)
  • The Cyber Express
Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups

Veeam has addressed a severe vulnerability in its widely utilized Backup & Replication tool, CVE-2024-40711. This critical flaw has a staggering Common Vulnerability Scoring System (CVSS) score of 9.8 ... Read more

Published Date: Oct 17, 2024 (1 month, 2 weeks ago)
  • The Cyber Express
SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing the pressing need for organizatio ... Read more

Published Date: Oct 17, 2024 (1 month, 2 weeks ago)
  • The Cyber Express
Cyble Sensors Uncover Cyberattacks Targeting Key Vulnerabilities

Cyble’s Vulnerability Intelligence unit has spotlighted a series of cyberattacks targeting critical vulnerabilities in various software systems, including the Ruby SAML library, D-Link NAS devices, an ... Read more

Published Date: Oct 14, 2024 (1 month, 2 weeks ago)
  • The Cyber Express
Adobe Security Alert: Update Software Now to Protect Against Exploits

Adobe announced a series of important security updates aimed at addressing several vulnerabilities across its product suite. These vulnerabilities could potentially allow cybercriminals to execute arb ... Read more

Published Date: Oct 09, 2024 (1 month, 3 weeks ago)
  • The Cyber Express
Microsoft Patches 117 CVEs: Focus on Critical and Zero-Day Threats

Microsoft has released the October 2024 Patch Tuesday, addressing a total of 117 Common Vulnerabilities and Exposures (CVEs). This month’s Microsoft Patch Tuesday update includes three vulnerabilities ... Read more

Published Date: Oct 09, 2024 (1 month, 3 weeks ago)
  • The Cyber Express
Progress Telerik, Cisco, QNAP and Linux Under Attack: Cyble Honeypot Sensors

Cyble’s Vulnerability Intelligence unit has detected cyberattacks on several key IT products and systems, as threat actors have been quick to exploit vulnerabilities and enterprises slow to patch them ... Read more

Published Date: Oct 08, 2024 (1 month, 3 weeks ago)
  • The Cyber Express
Qualcomm Addresses DSP Vulnerability CVE-2024-43047, Urges Users to Patch Devices

Qualcomm has released the latest security advisory for multiple vulnerabilities. Among them, a Qualcomm vulnerability, designated as CVE-2024-43047, has brought to light concerns surrounding the safet ... Read more

Published Date: Oct 08, 2024 (1 month, 3 weeks ago)
  • The Cyber Express
Apple Patches iOS Security Flaw That Could Reveal Saved Passwords

Apple has released new updates for iOS and iPadOS to fix two important security problems affecting many iPhone and iPad models. These Apple updates, now available as iOS 18.0.1 and iPadOS 18.0.1, fix ... Read more

Published Date: Oct 07, 2024 (1 month, 3 weeks ago)
  • The Cyber Express
The Week’s Top Vulnerabilities: Cyble Urges Fixes for NVIDIA, Adobe, CUPS

Cyble researchers had a busy week, investigating 19 vulnerabilities in the week ended Oct.1 and flagging eight of them as high priority. Cyble’s weekly IT vulnerability report also noted that research ... Read more

Published Date: Oct 04, 2024 (1 month, 4 weeks ago)
  • The Cyber Express
Hackers Exploit Ivanti Endpoint Manager Flaw—Are You at Risk?

The Cybersecurity and Infrastructure Security Agency (CISA) has alerted organizations about an active exploitation of a vulnerability in Ivanti Endpoint Manager (EPM). This critical flaw, tracked as C ... Read more

Published Date: Oct 04, 2024 (1 month, 4 weeks ago)
  • The Cyber Express
Google Addresses Critical Baseband Flaws, Strengthens Pixel Defenses

Google recently addressed a flaw within cellular modem vulnerabilities that can pose risk to smartphone users. The cellular baseband is responsible for handling all cellular communications, including ... Read more

Published Date: Oct 04, 2024 (1 month, 4 weeks ago)
  • The Cyber Express
‘Embarrassingly Bad’ Zimbra RCE Vulnerability Under Active Attack. Patch Now.

A critical remote code execution (RCE) vulnerability in Zimbra email servers is under active attack, and users are urged to patch immediately. Zimbra is already a popular target for hackers – CISA’s K ... Read more

Published Date: Oct 03, 2024 (2 months ago)
  • The Cyber Express
86% of Users Neglect Critical Router Security, Says Latest Survey

It is not just enough to surf the internet, but equally important to safeguard its boundaries. However, a latest survey has exposed the knowledge and preparedness of internet users. It was found that ... Read more

Published Date: Oct 03, 2024 (2 months ago)
  • The Cyber Express
Critical Vulnerability in NVIDIA Container Toolkit Poses Risks to Cloud Environments

A new vulnerability in NVIDIA’s software impacts over 35% of cloud environments. The NVIDIA vulnerability, designated as CVE-2024-0132, is linked to the NVIDIA Container Toolkit, a widely utilized fra ... Read more

Published Date: Oct 01, 2024 (2 months ago)
  • The Cyber Express
Apex Softcell Vulnerability: CERT-In Issues Critical Warning for Users

The Indian Computer Emergency Response Team (CERT-In) has reported multiple high-severity vulnerabilities in Apex Softcell’s mobile stock trading and back-office platforms. The Apex Softcell vulnerabi ... Read more

Published Date: Sep 26, 2024 (2 months, 1 week ago)
  • Help Net Security
Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)

CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation comes from the Cybersecuri ... Read more

Published Date: Sep 25, 2024 (2 months, 1 week ago)
  • The Cyber Express
New Vulnerability in Microchip Advanced Software Framework Poses Risks

The CERT Coordination Center (CERT/CC) at Carnegie Mellon University issued a warning about a security flaw in the Microchip Advanced Software Framework (ASF). This Microchip vulnerability, tracked as ... Read more

Published Date: Sep 25, 2024 (2 months, 1 week ago)
  • The Cyber Express
Versa Director Flaw Could Lead to API Attacks, Token Theft

Vulnerabilities in Versa Director are never a small matter, as the platform manages network configurations for Versa’s SD-WAN software – which is often used by internet service providers (ISPs) and ma ... Read more

Published Date: Sep 24, 2024 (2 months, 1 week ago)
  • The Cyber Express
Quantum Computing: Revolutionizing Cybersecurity Risks and Solutions

Quantum computing revolutionizes various fields, leveraging the unique properties of quantum mechanics. Its impact on cybersecurity, however, presents both significant risks and opportunities. Traditi ... Read more

Published Date: Sep 23, 2024 (2 months, 1 week ago)
  • The Cyber Express
Behind the Scenes: The Technical Details of Arc’s Recent Vulnerability

The Browser Company has announced a security vulnerability in the Arc browser, CVE-2024-45489. The Arc browser vulnerability was discovered on August 25, 2024, and was addressed within a day, ensuring ... Read more

Published Date: Sep 23, 2024 (2 months, 1 week ago)
  • The Cyber Express
Iran’s Passive Backdoors Lurk in Middle Eastern Networks

UNC1860, an Iranian state-sponsored threat actor, has emerged as a formidable cyber force in the Middle East. Likely tied to Iran’s Ministry of Intelligence and Security (MOIS), UNC1860 group is known ... Read more

Published Date: Sep 19, 2024 (2 months, 1 week ago)
  • The Cyber Express
5 New Vulnerabilities Added to CISA’s Known Exploited List: Urgent Action Required

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the continued threat that these securit ... Read more

Published Date: Sep 19, 2024 (2 months, 2 weeks ago)
  • The Cyber Express
U.S. Intelligence Agencies Say Chinese Botnet Compromised 260,000 Devices

U.S. intelligence agencies issued a warning today about a Chinese botnet that has compromised 260,000 devices around the globe, including small office/home office (SOHO) routers, firewalls, network-at ... Read more

Published Date: Sep 18, 2024 (2 months, 2 weeks ago)
  • BleepingComputer
Chinese botnet infects 260,000 SOHO routers, IP cameras with malware

The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called “Raptor Train” that infected over 260,000 networking devices to target critical infrastructure in the US and in oth ... Read more

Published Date: Sep 18, 2024 (2 months, 2 weeks ago)
  • The Cyber Express
Apple Urges Users to Install iOS 18 to Fix 33 iPhone Vulnerabilities

Apple has officially released iOS 18, which is the latest software update for iPhones and iPads. While the software introduces exciting new features, the most critical part of this update lies in its ... Read more

Published Date: Sep 17, 2024 (2 months, 2 weeks ago)
  • The Cyber Express
Cert-In Issues High Severity Warning for Android Users, Recommends Patching

The Indian Computer Emergency Response Team (CERT-In), functioning under the Ministry of Electronics and Information Technology, has issued a high-severity warning aimed at users operating Android OS ... Read more

Published Date: Sep 12, 2024 (2 months, 3 weeks ago)
  • The Cyber Express
GitLab Issues Critical Patch Releases: Versions 17.3.2, 17.2.5, and 17.1.7 Address Key Vulnerabilities

GitLab has released critical patch updates across its Community Edition (CE) and Enterprise Edition (EE) to address security vulnerabilities and bugs. The GitLab critical patch release includes vital ... Read more

Published Date: Sep 12, 2024 (2 months, 3 weeks ago)
  • Help Net Security
Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)

Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code ... Read more

Published Date: Sep 11, 2024 (2 months, 3 weeks ago)
  • The Cyber Express
Microsoft September 2024 Patch Tuesday: Addressing 79 New Vulnerabilities and Product Updates

The second Tuesday of September has once again proven to be a significant date for cybersecurity with Microsoft’s latest Patch Tuesday update. This month’s release is dominated by a daunting array of ... Read more

Published Date: Sep 11, 2024 (2 months, 3 weeks ago)
  • BleepingComputer
Ivanti fixes maximum severity RCE bug in Endpoint Management software

Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server. Ivanti EPM helps admin ... Read more

Published Date: Sep 10, 2024 (2 months, 3 weeks ago)
  • The Cyber Express
Don’t Delay: Patch LoadMaster Now to Avoid Exploitation

A security vulnerability, identified as CVE-2024-7591, has been disclosed affecting all versions of LoadMaster and the LoadMaster Multi-Tenant (MT) hypervisor. The LoadMaster vulnerability is critical ... Read more

Published Date: Sep 10, 2024 (2 months, 3 weeks ago)
  • The Cyber Express
Critical Vulnerabilities Disclosed in IBM webMethods Integration Server

IBM has revealed several severe vulnerabilities within its webMethods Integration Server, a platform widely utilized for integration and API management. These IBM webMethods Integration vulnerabilitie ... Read more

Published Date: Sep 09, 2024 (2 months, 3 weeks ago)
  • The Cyber Express
Critical RCE Vulnerability Patched in Apache OFBiz (CVE-2024-45195)

Popular open-source enterprise Resource Planning (ERP) system, Apache OFBiz, recently discovered harboring a critical Remote Code Execution (RCE) vulnerability. Tracked as CVE-2024-45195, the Apache O ... Read more

Published Date: Sep 06, 2024 (2 months, 3 weeks ago)
  • The Cyber Express
Veeam Security Bulletin Fixes Critical Vulnerabilities for Backup & Replication, Veeam ONE and More

Veeam has published a new Security Bulletin addressing multiple critical vulnerabilities across its suite of products. The Veeam security bulletin, identified as KB ID: 4649, includes updates on Veeam ... Read more

Published Date: Sep 06, 2024 (2 months, 3 weeks ago)
  • The Cyber Express
High-Risk Vulnerabilities Discovered in Zyxel Firewalls: What You Need to Know

Zyxel Networks has recently issued a critical alert regarding several high-risk vulnerabilities affecting their firewall products. This warning comes as part of a broader security advisory that highli ... Read more

Published Date: Sep 04, 2024 (2 months, 4 weeks ago)
  • The Cyber Express
CERT-IN Warns About Critical Vulnerabilities in Palo Alto Networks Applications

The Indian Computer Emergency Response Team (CERT-IN) has issued advisories regarding critical vulnerabilities affecting several Palo Alto Networks applications. These vulnerabilities could allow atta ... Read more

Published Date: Sep 03, 2024 (3 months ago)
  • The Cyber Express
Canonical Addresses Critical Linux Kernel AWS Vulnerabilities with New Patches

Canonical has rolled out essential security updates for Ubuntu, addressing multiple Linux kernel vulnerabilities that also impact Amazon Web Services (AWS). These issues, which involve race conditions ... Read more

Published Date: Sep 03, 2024 (3 months ago)
  • The Cyber Express
Cyberattack Hits Shoshone-Bannock Tribes: Key Services Unaffected, Recovery in Progress

The Shoshone-Bannock Tribes have confirmed a cybersecurity incident that disrupted their operations on the Fort Hall Reservation in Idaho. The Shoshone-Bannock Tribes cyberattack, reported on August 2 ... Read more

Published Date: Sep 03, 2024 (3 months ago)
  • The Cyber Express
North Korean Hackers Exploited Chromium Zero-Day to Deploy Rootkit

In a recent attack, a North Korean threat actor leveraged a zero-day vulnerability in Google’s Chromium browser to deploy the FudModule rootkit, targeting cryptocurrency firms for financial gain. Micr ... Read more

Published Date: Aug 30, 2024 (3 months ago)
  • The Cyber Express
Cyberespionage Threat: APT-C-60 Targets East Asia with SpyGlace

A sophisticated cyberespionage campaign targeting East Asian countries has been uncovered, with the APT-C-60 group exploiting a zero-day vulnerability in WPS Office to deploy the notorious SpyGlace ba ... Read more

Published Date: Aug 30, 2024 (3 months ago)
  • The Cyber Express
Critical Vulnerabilities in Progress Software’s WhatsUp Gold Expose Systems to Severe Risks

Recent security findings reveal that Progress Software’s WhatsUp Gold, a prominent enterprise network monitoring and management solution, harbors significant vulnerabilities that could lead to full sy ... Read more

Published Date: Aug 30, 2024 (3 months ago)
  • The Cyber Express
Massive Mirai Botnet Exploited Zero-Day Vulnerability in AVTECH Cameras

Researchers have discovered a botnet campaign that is exploiting several vulnerabilities, including a zero-day vulnerability (CVE-2024-7029) in AVTECH closed-circuit television (CCTV) cameras that cou ... Read more

Published Date: Aug 30, 2024 (3 months ago)
  • The Cyber Express
Russian State Hackers Using Exploits ‘Strikingly Similar’ to Spyware Vendors NSO and Intellexa

Google has identified a connection between Russian state hackers and exploits that bear an “identical or strikingly similar” resemblance to those created by spyware companies NSO Group and Intellexa, ... Read more

Published Date: Aug 29, 2024 (3 months ago)
  • Cybersecurity News
Mirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras

Akamai’s Security Intelligence Response Team (SIRT) has discovered a widespread Mirai botnet campaign exploiting a recently disclosed zero-day vulnerability (CVE-2024-7029) in AVTECH IP cameras. The v ... Read more

Published Date: Aug 29, 2024 (3 months ago)
  • The Cyber Express
Iranian State Hackers Act as Access Brokers for Ransomware Gangs, Target U.S. and Allies’ Critical Infrastructure

A shadowy group of Iranian cyber actors is acting as access brokers for ransomware gangs and collaborating with affiliates to target the U.S. and its allies, exploiting vulnerabilities across sectors ... Read more

Published Date: Aug 28, 2024 (3 months ago)
  • The Cyber Express
Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a security vulnerability affecting Apache OFBiz, the open-source enterprise resource planning (ERP) system. This Apache OFB ... Read more

Published Date: Aug 28, 2024 (3 months ago)
  • The Cyber Express
Critical WPML Plugin Flaw Exposes Millions of WordPress Sites to Remote Code Execution

A critical vulnerability has been discovered in the WPML (WordPress Multilingual) plugin, exposing millions of WordPress websites to potential Remote Code Execution (RCE) attacks. This WPML Plugin Fla ... Read more

Published Date: Aug 28, 2024 (3 months ago)
  • The Cyber Express
Versa Director Zero-Day Attack: A Non-Critical Vulnerability with Low Exposure Can Still Be Trouble

A zero-day vulnerability in Versa Director servers is proof that a vulnerability doesn’t require a critical severity rating and thousands of exposures to do significant damage. CVE-2024-39717, announc ... Read more

Published Date: Aug 27, 2024 (3 months ago)
  • The Cyber Express
Critical Chrome Zero-Day Vulnerability (CVE-2024-7965) Requires Immediate User Action

Google recently addressed a critical zero-day vulnerability in its Chrome browser, identified as CVE-2024-7965. This high-severity flaw, affecting versions of Chrome prior to 128.0.6613.84, has been a ... Read more

Published Date: Aug 27, 2024 (3 months ago)
  • Cybersecurity News
Hacking the Hacker: Researcher Found Critical Flaw (CVE-2024-45163) in Mirai Botnet

Image: FortinetSecurity researcher Jacob Masse has exposed a critical vulnerability within the Mirai botnet, the infamous malware that has plagued the Internet of Things (IoT) and server landscapes si ... Read more

Published Date: Aug 26, 2024 (3 months, 1 week ago)
  • The Cyber Express
Critical Remote Code Execution Vulnerability Addressed in GiveWP Plugin

The GiveWP plugin, a widely used donation and fundraising tool for WordPress, has recently undergone a crucial update to address a severe security flaw. This GiveWP vulnerability, discovered by the re ... Read more

Published Date: Aug 20, 2024 (3 months, 1 week ago)
  • BleepingComputer
Ivanti warns of critical vTM auth bypass with public exploit

​Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. Iv ... Read more

Published Date: Aug 13, 2024 (3 months, 2 weeks ago)
  • Cyber Security News
Threat Actors Exploiting OS Command Injection Flaws To Hack Systems, CISA Warns

By exploiting OS command injection vulnerabilities, threat actors can run arbitrary commands on a host operating system to obtain unauthorized access, control, and the power to either corrupt or steal ... Read more

Published Date: Jul 29, 2024 (4 months ago)
  • The Cloudflare Blog
RADIUS/UDP vulnerable to improved MD5 collision attack

2024-07-0917 min readThe MD5 cryptographic hash function was first broken in 2004, when researchers demonstrated the first MD5 collision, namely two different messages X1 and X2 where MD5(X1) = MD5 (X ... Read more

Published Date: Jul 09, 2024 (4 months, 3 weeks ago)
  • NVISO Labs
Covert TLS n-day backdoors: SparkCockpit & SparkTar

In early 2024, Ivanti’s Pulse Secure appliances suffered from wide-spread exploitation through the then reported vulnerabilities CVE-2023-46805 & CVE-2024-21887. Amongst the many victims, a critical-s ... Read more

Published Date: Mar 01, 2024 (9 months ago)

The following table lists the changes that have been made to the CVE-2024-21887 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Modified Analysis by [email protected]

    Nov. 29, 2024

    Action Type Old Value New Value
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html
    Added Reference https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
  • Modified Analysis by [email protected]

    Jun. 10, 2024

    Action Type Old Value New Value
    Changed Reference Type http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html No Types Assigned http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html Exploit, Third Party Advisory, VDB Entry
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Jan. 22, 2024

    Action Type Old Value New Value
    Added Reference HackerOne http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html [No types assigned]
  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725

    Jan. 19, 2024

    Action Type Old Value New Value
    Changed Due Date 2024-01-31 2024-01-22
  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725

    Jan. 13, 2024

    Action Type Old Value New Value
    Added Date Added 2024-01-10
    Added Vulnerability Name Ivanti Connect Secure and Policy Secure Command Injection Vulnerability
    Added Due Date 2024-01-31
    Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Initial Analysis by [email protected]

    Jan. 12, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
    Changed Reference Type https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US No Types Assigned https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US Vendor Advisory
    Added CWE NIST CWE-77
    Added CPE Configuration OR *cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.5:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.5:r2.1:*:*:*:*:*:* *cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*
  • CVE Received by [email protected]

    Jan. 12, 2024

    Action Type Old Value New Value
    Added Description A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
    Added Reference HackerOne https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US [No types assigned]
    Added CVSS V3 HackerOne AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-21887 is associated with the following CWEs:

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

96.76 }} -0.22%

score

0.99721

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability