Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS).
The list of flaws is as follows:
- CVE-2024-21894 (CVSS score: 8.2) – A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service, thereby causing a DoS attack. In certain conditions, this may lead to execution of arbitrary code.
- CVE-2024-22052 (CVSS score: 7.5) – A null pointer dereference vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service, thereby causing a DoS attack.
- CVE-2024-22053 (CVSS score: 8.2) – A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service, thereby causing a DoS attack or, in certain conditions, read contents from memory.
- CVE-2024-22023 (CVSS score: 5.3) – An XML entity expansion or XEE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in order to temporarily cause resource exhaustion, thereby resulting in a limited-time DoS.
The company, which has been grappling with a steady stream of security flaws in its products since the start of the year, said it is not aware of “any customers being exploited by these vulnerabilities at the time of disclosure.”
Late last month, Ivanti shipped patches for a critical shortcoming in its Standalone Sentry product (CVE-2023-41724, CVSS score: 9.6) that could allow an unauthenticated threat actor to execute arbitrary commands on the underlying operating system.
It also resolved another critical flaw impacting on-premises versions of Neurons for ITSM (CVE-2023-46808, CVSS score: 9.9) that an authenticated remote attacker could abuse in order to perform arbitrary file writes and gain code execution.
In an open letter published on April 3, 2023, Ivanti’s CEO Jeff Abbott said the company is taking a “close look” at its own posture and processes to meet the requirements of the current threat landscape.
Abbott also said “events in recent months have been humbling” and that it is executing a plan that essentially changes its security operating model by adopting secure-by-design principles, sharing information with customers with full transparency, and rearchitecting its engineering, security, and vulnerability management practices.
“We are intensifying our internal scanning, manual exploitation and testing capabilities, engaging trusted third parties to augment our internal research and facilitating responsible disclosure of vulnerabilities with increased incentives around an enhanced bug bounty program,” Abbott said.