tldr - powered by Generative AI

Exploitation of a recently disclosed XML external entity (XXE) vulnerability impacting Ivanti enterprise VPN and network access products has commenced.
  • The XXE vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateway appliances allows unauthorized access to restricted resources.
  • Patches for the vulnerability have been released for affected versions of the products.
  • The vulnerability was introduced while attempting to address a different vulnerability in the SAML component.
  • Proof-of-concept (PoC) exploits for the vulnerability have been made public.
  • Devices were observed being compromised shortly after installing the latest patches and performing a factory reset.
  • Customers are advised to apply the patches regardless of previous installations.
  • No evidence of malicious attacks exploiting the vulnerability has been found yet.
XXE vulnerability
network access products

Post a comment

Related articles