Ivanti Urgently Patches Critical Security Flaws: Admin Access Nightmare Averted!

Ivanti has patched a critical flaw in Virtual Traffic Manager (vTM) that could allow authentication bypass and rogue admin creation. This CVE-2024-7593 vulnerability, with a CVSS score of 9.8, highlights the importance of applying security updates promptly to avoid potential exploitation.

3P
Published: August 14, 2024 5:59 amAdded: August 14, 2024 at 1:02 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Ivanti’s latest update: Fixing flaws faster than you can say “CVE-2024-7593”! With a CVSS score of 9.8, this is the security equivalent of finding a shark in your kiddie pool. Time to patch up, folks!

Key Points:

  • Ivanti rolls out fixes for a critical authentication bypass flaw in Virtual Traffic Manager (vTM).
  • The vulnerability, CVE-2024-7593, has a near-apocalyptic CVSS score of 9.8.
  • Temporary mitigations include limiting admin interface access or restricting it to trusted IPs.
  • Ivanti also patches severe vulnerabilities in Neurons for ITSM and Ivanti Avalanche.
  • No evidence of in-the-wild exploits yet, but a proof-of-concept (PoC) is already public.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?