Ivanti ICS and IPS Command Injection - CVE-2024-2188

Summary#

Invicti identified a Out of Band Command Injection by capturing a DNS A request, which occurs when input data is interpreted as an operating system command.

This is a highly critical issue and should be addressed as soon as possible.

Impact#

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

Remediation#

Upgrade to the latest version of Ivanti Connect Secure / Policy Secure

Classifications#

OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H, CAPEC-88, CWE-78, WASC-31, ISO27001-A.14.2.5, HIPAA-164.306(a), 164.308(a), PCI v3.2-6.5.1

Ivanti ICS and IPS Command Injection – CVE-2024-2188

Related Articles

Build your resistance to threats. And save hundreds of hours each month.