all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ivanti Zero Day – Threat Actors observed leveraging CVE-2021-42278 and CVE-2021-42287 for quick privilege escalation to Domain Admin

Add to bookmarks
Feb. 5, 2024, 1:26 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Authors: David Brown and Mungomba Mulenga


TL;dr


NCC Group has observed what we believe to be the attempted exploitation of CVE-2021-42278 and CVE-2021-42287 as a means of privilege escalation, following the successful compromise of an Ivanti Secure Connect VPN using the following zero-day vulnerabilities reported by Volexity1 on 10/01/2024:



  • CVE-2023-46805 – an authentication-bypass vulnerability with a CVSS score of 8.2



  • CVE-2024-21887 – a command-injection vulnerability found into multiple web components with a CVSS score of 9.1


By combining these vulnerabilities …

admin authors compromise connect cve domain domain admin escalation exploitation ivanti malware analysis ncc ncc group privilege privilege escalation threat threat actors vpn we believe

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Navigating the cybersecurity career maze an hour ago | malware.news
article career careers cyber +12
The Top 11 Legal Industry Cyber Attacks an hour ago | malware.news
addition attack attacks breach +13
Sophos named a Leader in the 2024 IDC MarketScape for Worldwide Managed Detection and Response … 2 hours ago | malware.news
and response article business capabilities +14
Another Day, Another NAS: Attacks against Zyxel NAS326 devices CVE-2023-4473, CVE-2023-4474, (Tue, Apr 30th) 2 hours ago | malware.news
article attacks cve devices +13
LABScon23 Replay | From Vulkan to Ryazan – Investigative Reporting from the Frontlines of Infosec 2 hours ago | malware.news
called campaigns companies critical +19
Defending infrastructure, securing systems key to CISA's new AI guidelines 2 hours ago | malware.news
article artificial artificial intelligence benefits +14
Announcing the General Availability of Spectra Detect v5.0: Enhancing File Analysis for Advanced Threat Detection 3 hours ago | malware.news
advanced advanced threat advanced threat detection analysis +22
ReversingLabs Hashing Algorithm 3 hours ago | malware.news
algorithm algorithms allowlisting applications +15
How to Stop Phishing Attacks Being Missed 3 hours ago | malware.news
attachments attackers attacks business +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Threat Analysis Engineer

@ Gen | IND - Tamil Nadu, Chennai
View on infosec-jobs.com

Head of Security

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com

IT Security Vulnerability Management Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Security Engineer - Netskope/Proofpoint

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Journeyman Cybersecurity Analyst

@ ISYS Technologies | Kirtland AFB, NM, United States
View on infosec-jobs.com
View more jobs