Ivanti vows to transform its security operating model, reveals new vulnerabilities

Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure (SSL VPN solution) and Ivanti Policy Secure (NAC solution), some of which could also lead to execution of arbitrary code or information disclosure. Also, three months since attackers started exploiting a string of zero-days in Ivanti Connect Secure and bypassing mitigations for them, the company’s CEO has announced they will be accelerating security initiatives and improving security practices. The patched vulnerabilities Four vulnerabilities … More →

The post …

arbitrary code attackers code connect connect secure disclosure don't miss dos enterprise exploiting hot stuff information information disclosure ivanti ivanti connect secure ivanti policy secure nac patches policy policy secure security solution ssl ssl vpn transform vpn vulnerabilities vulnerability vulnerability management zero-days