Priya PatelThe Australian Cyber Security Centre (ACSC) has issued an alert about critical vulnerabilities in the Ivanti Connect Secure (ICS) VPN and the Ivanti Policy Secure (IPS) network access control solution. The ACSC reports that an authentication bypass vulnerability in the web component of both solutions allows a remote attacker to access restricted resources by bypassing control checks. Additionally, a command injection vulnerability in web components of ICS and IPS allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. Ivanti is aware of active exploitation of these vulnerabilities and is working on releasing patches.
- The ACSC issued an alert about critical vulnerabilities in the Ivanti Connect Secure (ICS) VPN and the Ivanti Policy Secure (IPS) network access control solution.
- An authentication bypass vulnerability in the web component of both solutions allows remote attackers to access restricted resources. Additionally, a command injection vulnerability allows authenticated administrators to execute arbitrary commands on the appliance.
The ACSC has encouraged users to apply any available mitigations and patches as soon as possible. Ivanti has stated that patches will be released in a staggered schedule, with the first version targeted to be available to customers the week of January 22, 2024, and the final version targeted to be available the week of February 19, 2024. In the meantime, Ivanti is providing mitigations to prioritize the best interest of its customers.
