CyberSecurity updates
Updated: 2024-10-30 20:06:32 Pacfic


informationsecuritybuzz.com
CISA Warns of Actively Exploited Ivanti Virtual Traffic Manager (vTM) Vulnerability, CVE-2024-7593 - 3d

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory about an actively exploited vulnerability in Ivanti Virtual Traffic Manager (vTM), a widely deployed application delivery controller. This vulnerability, CVE-2024-7593, allows for unauthenticated remote code execution (RCE) and has been assigned a CVSS score of 9.8, indicating a critical severity level. Attackers can exploit this flaw to gain complete control of vulnerable systems, potentially disrupting services, stealing data, or launching further attacks. CISA urges organizations to prioritize patching their vTM systems and implementing appropriate security controls to mitigate the risks.

informationsecuritybuzz.com
Exploitation of Critical Ivanti Virtual Traffic Manager Vulnerability CVE-2024-7593: Urgent Patching Required - 5d

The Ivanti Virtual Traffic Manager (vTM), a software-based Application Delivery Controller (ADC), has been found to be vulnerable to a critical authentication bypass flaw, CVE-2024-7593. This vulnerability has been actively exploited by malicious actors and has been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog, making it an urgent priority for organizations to patch. The vulnerability allows attackers to bypass authentication on publicly exposed vTM admin panels, potentially creating unauthorized administrator accounts. This could grant attackers full control over the vTM system, leading to data breaches, system compromises, and disruption of services.

informationsecuritybuzz.com
Active Exploitation of Ivanti Virtual Traffic Manager Vulnerability - 5d

CISA has issued an urgent advisory regarding an actively exploited security vulnerability impacting Ivanti Virtual Traffic Manager (vTM), a widely deployed application delivery controller. The vulnerability, tracked as CVE-2024-7593, allows for unauthenticated remote code execution (RCE) and has been assigned a CVSS score of 9.8, indicating a critical severity level. Attackers are leveraging this flaw to gain unauthorized access to systems and potentially compromise critical infrastructure. Organizations using vulnerable versions of Ivanti vTM are strongly advised to apply the necessary patches and follow CISA’s recommendations to mitigate the risk.

informationsecuritybuzz.com
CISA Warns of Actively Exploited Ivanti vTM Flaw CVE-2024-7593 (CVSS 9.8), PoC Published - 5d

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about an actively exploited vulnerability in Ivanti Virtual Traffic Manager (vTM). This vulnerability, identified as CVE-2024-7593, is rated with a CVSS score of 9.8, signifying a high severity level. The flaw allows attackers to bypass authentication and gain unauthorized access to vTM systems, potentially leading to data breaches and disruptions. CISA strongly urges organizations using Ivanti vTM to prioritize applying the available security patch to mitigate the risk.


This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find FlagThis at Mastodon.