Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways

CVE-2023-46805 and CVE-2024-21887 are zero-day vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure gateways. They have been exploited in the wild to gain access to corporate networks and conduct a range of nefarious activities, including backdooring legitimate files.

access backdooring connect corporate cve emergent threat response exploitation exploited files ivanti networks policy vulnerabilities vulnerability risk management zero-day zero-day vulnerabilities