Subj : Ivanti tried to patch its VPN security flaws but just found more To : All From : TechnologyDaily Date : Thu Feb 01 2024 16:30:05 Ivanti tried to patch its VPN security flaws but just found more problems Date: Thu, 01 Feb 2024 16:28:59 +0000 Description: Two new Ivanti VPN flaws discovered, including a zero-day allegedly abused by Chinese hackers FULL STORY ====================================================================== While looking to patch two high-severity flaws in a VPN solution being abused in the wild, Ivanti found two more - one of which, it seems, is already known to some threat actors. In early January 2024, Ivanti said it uncovered and patched two vulnerabilities found in its Connect Secure VPN products . Tracked as CVE-2023-46805 and CVE-2024-21887 and could have been used, the vulnerabilities, researchers were saying at the time, were being used to break into vulnerable networks and steal sensitive data. Two weeks later, Ivanti urged users to apply the proposed workaround immediately as evidence started emerging of in-the-wild abuse, mostly by Chinese state-sponsored threat actors. Multiple compromised systems A patch was in the works - but as Ivanti set out to patch the flaws, it said it found two more lurking in Connect Secure VPN, TechCrunch reports. One is CVE-2024-21888, described as a privilege escalation flaw. The latter, a zero-day, is a server-side vulnerability enabling hackers to access restricted resources, unauthenticated. The company is also warning that the latter is being used in targeted attacks. In its writeup, TechCrunch also said that Germanys Federal Office for Information Security was also aware of multiple compromised systems and that all previously patched systems were at risk of the server-side bug. While Ivanti isnt pointing any fingers, both Volexity and Mandiant said that the previous two flaws were being used by Chinese state-sponsored threat actors. Ivanti and independent researchers also dont seem to be seeing eye-to-eye on the number of victims, as well. While Ivanti claims that fewer than 20 of its customers were affected by the bug (up from previously claimed 10), Volexity puts that number at 1,700, at least. Even CISA weighed in recently, urging all federal agencies to apply the patch immediately, due to evidence of the flaws being used by hackers. More from TechRadar Pro Ivanti warns Connect Secure zero-days exploited by hackers Here's a list of the best firewalls around today These are the best endpoint security tools right now ====================================================================== Link to news story: https://www.techradar.com/pro/security/ivanti-tried-to-patch-its-vpn-security- flaws-but-just-found-more-problems --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .