Ivanti Says Second Zero-Day Used in Norway Government Breach

Exploitation No Longer Requires Admin Authentication When Chained With Earlier Flaw
Threat actors who recently attacked a dozen Norwegian ministries by exploiting a zero-day vulnerability in Ivanti's endpoint management software appeared to have another zero-day flaw that tied to the overall attack exploit chain, Ivanti confirmed on Friday.

admin attack authentication breach endpoint endpoint management exploit exploitation exploiting flaw government ivanti management norway norwegian ministries software vulnerability zero-day zero-day flaw zero-day vulnerability