all InfoSec news
Exploit Code Published for Ivanti Sentry Flaw
Malware Analysis, News and Indicators - Latest topics malware.news
Three days after Ivanti warned customers about a new actively exploited vulnerability in its Sentry appliances, researchers have released a working proof-of-concept exploit for the bug.
The vulnerability (CVE-2023-38035) is an authentication bypass bug in all supported versions of the Ivanti Sentry appliance, which is an in-line mobile traffic management system. Ivanti released an advisory about the bug on Monday, and warned that it was aware of some limited exploitation of it.
“CVE-2023-38035 enables an unauthenticated actor with access …
actively exploited authentication authentication bypass bug bypass code concept customers cve cve-2023-38035 exploit exploit code exploited flaw ivanti ivanti sentry management mobile mobile traffic proof proof-of-concept researchers sentry system traffic traffic management vulnerability working