Ivanti Releases Security Advisory May 2024

Summary

Sixteen vulnerabilities have been disclosed in products including Avalanche, Connect Secure, Secure Access, and EPM.


Threat details

Introduction

Ivanti has disclosed 16 vulnerabilities, all with CVSSv3 scores of 7.3 or higher, across multiple product lines in its May 2024 security advisory. The advisory links to the specific knowledge base articles addressing each vulnerability. Potential impacts include denial of service, arbitrary code execution, privilege escalation and cross-site scripting, among others.

Exploitation of CVE-2024-29824

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-29824 to its Known Exploited Vulnerabilities (KEV) Catalog, which indicates that it is being exploited in the wild. Proof-of-concept code was made available in June 2024.


Threat updates

Date | Update
3 Oct 2024 | CVE-2024-29824 added to CISA KEV
17 Jun 2024 | A proof-of-concept for the exploitation of CVE-2024-29824 has been publicly released. The cyber alert has been updated to reflect this change.


Remediation advice

Affected organisations are encouraged to review Ivanti Security Advisory May 2024 and apply any relevant security updates.


Remediation steps

Type: Patch
Step: Ivanti Avalanche

  • CVE-2024-29848

https://forums.ivanti.com/s/article/Avalanche-6-4-3-602-additional-security-hardening-and-CVE-fixed


Type: Patch
Step: Ivanti Neurons for ITSM

  • CVE-2024-22059
  • CVE-2024-22060

Cloud Customers: The hotfix has been applied to all Ivanti Neurons for ITSM landscapes.
On Premise Customers: A patch is available on the Ivanti Neurons for ITSM Downloads page named "Ivanti Neurons for ITxM 2023.X Hotfix 2" for each respective 2023.X version. This will require upgrading to 2023.X to apply the patch.

https://forums.ivanti.com/s/article/KB-CVE-2024-22059-and-CVE-2024-22060-for-Ivanti-Neurons-for-ITSM


Type: Patch
Step: Ivanti Connect Secure (ICS) (formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways

  • CVE-2023-38551

https://forums.ivanti.com/s/article/KB-Security-Advisory-Ivanti-Connect-Secure-Ivanti-Policy-Secure-May-2024


Type: Patch
Step: Ivanti Secure Access (formerly known as Pulse Secure Desktop Client)

  • CVE-2023-38042
  • CVE-2023-46810

https://forums.ivanti.com/s/article/KB-Security-Advisory-Ivanti-Secure-Access-Client-May-2024


Type: Patch
Step: Ivanti Endpoint Manager (EPM)

  • CVE-2024-29822
  • CVE-2024-29823
  • CVE-2024-29824
  • CVE-2024-29825
  • CVE-2024-29826
  • CVE-2024-29827
  • CVE-2024-29828
  • CVE-2024-29829
  • CVE-2024-29830
  • CVE-2024-29846

https://forums.ivanti.com/s/article/KB-Security-Advisory-EPM-May-2024


Last edited: 3 October 2024 3:29 pm