Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation

Recently, a severe server-side request forgery (SSRF) vulnerability impacting Ivanti’s Connect Secure and Policy Secure products has attracted widespread exploitation. The Shadowserver Foundation has detected exploitation attempts from over 170 unique IP addresses with the intention to establish a reverse shell, among other activities. These attacks are exploiting CVE-2024-21893 (CVSS), a noteworthy vulnerability. Ivanti, a significant player in VPN services, finds itself facing heightened security scrutiny as it grapples with the ramifications of this flaw.

Published: Tue, 06 Feb 2024 12:28:00 +0530