Read more: informationsecuritybuzz.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory about an actively exploited vulnerability in Ivanti Virtual Traffic Manager (vTM), a widely deployed application delivery controller. This vulnerability, CVE-2024-7593, allows for unauthenticated remote code execution (RCE) and has been assigned a CVSS score of 9.8, indicating a critical severity level. Attackers can exploit this flaw to gain complete control of vulnerable systems, potentially disrupting services, stealing data, or launching further attacks. CISA urges organizations to prioritize patching their vTM systems and implementing appropriate security controls to mitigate the risks.