Are You Updating Ivanti Software to Address Critical Vulnerabilities?


The recent revelations about critical vulnerabilities in Ivanti software products have sparked significant concern within the cybersecurity community. Ivanti has released crucial security updates to address multiple severe flaws in its Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) products. These vulnerabilities, if left unpatched, pose a considerable risk to users, as they can be exploited to achieve arbitrary code execution. The specific vulnerabilities addressed by Ivanti include CVE-2024-38657, CVE-2025-22467, CVE-2024-10644, and CVE-2024-47908, with CVSS scores ranging from 9.1 to 9.9, signifying their critical nature.

Details of the Vulnerabilities

The flaw identified as CVE-2024-38657, which carries a CVSS score of 9.1, involves external control of a file name in Connect Secure (versions before 22.7R2.4) and Policy Secure (versions before 22.7R1.3). This vulnerability allows a remote authenticated attacker with administrative privileges to write arbitrary files, potentially leading to severe security breaches. Another major vulnerability, CVE-2025-22467, with a higher CVSS score of 9.9, is a stack-based buffer overflow in Connect Secure (versions before 22.7R2.6). This flaw enables a remote authenticated attacker to achieve remote code execution, posing a significant threat to affected systems.

Additionally, the vulnerability tagged CVE-2024-10644, with a CVSS score of 9.1, is an instance of code injection in Connect Secure (versions before 22.7R2.4) and Policy Secure (versions before 22.7R1.3). This allows a remote authenticated attacker with administrative privileges to achieve remote code execution. Another critical vulnerability, CVE-2024-47908, also with a CVSS score of 9.1, involves OS command injection in the CSA admin web console (versions before 5.0.5). Similar to the other vulnerabilities, this flaw permits a remote authenticated attacker with administrative privileges to achieve remote code execution.

Importance of Timely Updates

To mitigate these severe threats, Ivanti urges users to update their systems immediately to the latest secure versions: Connect Secure 22.7R2.6, Policy Secure 22.7R1.3, and CSA 5.0.5. While Ivanti has reported no known exploitation of these vulnerabilities in the wild, the company’s products have previously been targeted by malicious entities. This includes the recent exploitation of a different Ivanti vulnerability (CVE-2025-0282) highlighted by JPCERT/CC, which was used to distribute the SPAWNCHIMERA malware—a sophisticated fusion of previous SPAWN malware variants.

The urgency of applying these patches cannot be overstated. Without timely updates, these vulnerabilities could serve as gateways for cyberattacks, putting high-value organizations at risk of espionage and other malicious activities. Ivanti has demonstrated its commitment to strengthening its software by adhering to secure-by-design principles, enhancing internal scanning processes and manual exploitation testing, and fostering collaborations within the security ecosystem to prevent such attacks.
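The fixed-version thresholds listed above can be turned into an inventory check. The following is an added example, not Ivanti tooling: the product labels (`connect-secure`, `policy-secure`, `csa`), the hostnames, and the assumption that version strings such as `22.7R2.6` compare numerically component by component are all illustrative.

```python
import re

# Fixed versions exactly as stated in this article; anything lower is affected.
FIXED = {
    "CVE-2024-38657": {"connect-secure": "22.7R2.4", "policy-secure": "22.7R1.3"},
    "CVE-2025-22467": {"connect-secure": "22.7R2.6"},
    "CVE-2024-10644": {"connect-secure": "22.7R2.4", "policy-secure": "22.7R1.3"},
    "CVE-2024-47908": {"csa": "5.0.5"},
}

def parse_version(text):
    """Turn '22.7R2.6' or '5.0.5' into a tuple of ints for comparison.
    Assumption: components order numerically and 'R' is only a separator."""
    parts = re.split(r"[.Rr]", text.strip())
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)

def open_cves(product, version):
    """Return the article's CVEs that still apply to `product` at `version`."""
    have = parse_version(version)
    return sorted(
        cve for cve, fixes in FIXED.items()
        if product in fixes and have < parse_version(fixes[product])
    )

def audit(inventory):
    """Map host -> unpatched CVEs. Unparseable versions are flagged, never
    silently treated as patched."""
    report = {}
    for host, product, version in inventory:
        try:
            report[host] = open_cves(product, version)
        except ValueError:
            report[host] = ["UNKNOWN-VERSION"]
    return report

# Constructed inventory: hostnames and versions are made up for this example.
SAMPLE = [
    ("vpn-edge-1", "connect-secure", "22.7R2.4"),  # fixes two CVEs, not CVE-2025-22467
    ("vpn-edge-2", "connect-secure", "22.7R2.6"),
    ("nac-1", "policy-secure", "22.7R1.2"),
    ("csa-1", "csa", "5.0.4"),
    ("vpn-lab", "connect-secure", "unknown"),
]

if __name__ == "__main__":
    for host, cves in audit(SAMPLE).items():
        print(f"{host}: {', '.join(cves) if cves else 'patched'}")
```

Note that a Connect Secure appliance on 22.7R2.4 clears CVE-2024-38657 and CVE-2024-10644 but is still below the 22.7R2.6 threshold for CVE-2025-22467, which is why the check is per CVE and not a single minimum version.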

Comparable Security Incidents

This situation with Ivanti is not isolated. For instance, Bishop Fox recently disclosed details on a patched vulnerability in SonicWall SonicOS (CVE-2024-53704), which exposed nearly 4,500 SSL VPN servers to attack due to incomplete patches as of February 7, 2025. Similarly, Akamai reported two severe vulnerabilities in Fortinet FortiOS (CVE-2024-46666 and CVE-2024-46668) that enabled denial-of-service (DoS) and remote code execution, which were addressed by Fortinet on January 14, 2025. Compounding these concerns, Fortinet updated its advisory for CVE-2024-55591 to disclose CVE-2025-24472, another authentication bypass flaw which was simultaneously patched.

The pattern of these incidents underlines the broader challenges faced by the cybersecurity community in maintaining network security. The cooperative efforts between security researchers and vendors play a pivotal role in identifying and mitigating potential threats through timely updates. This ongoing vigilance is crucial to safeguard against the ever-evolving tactics of sophisticated threat actors.

Conclusion

Recent revelations about critical vulnerabilities in Ivanti software products have ignited significant concern in the cybersecurity community. Ivanti has issued essential security updates to fix several severe flaws in its Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) products. These vulnerabilities, if not patched, pose a major risk to users, as they could be exploited for arbitrary code execution. The specific vulnerabilities addressed by Ivanti include CVE-2024-38657, CVE-2025-22467, CVE-2024-10644, and CVE-2024-47908, which have CVSS scores ranging from 9.1 to 9.9, indicating their critical severity. The potential impact of these vulnerabilities is substantial, possibly leading to unauthorized access, data breaches, or system compromises. Users are urged to promptly apply the provided security updates to mitigate these threats and safeguard their systems against exploitation. The swift response from Ivanti highlights the importance of diligent patch management in maintaining cybersecurity resilience.
