Ivanti Releases Fixes for Multiple Vulnerabilities Impacting Connect Secure, Policy Secure, and Secure Access Client

Ivanti Connect Secure, Policy Secure, and Secure Access Client are affected by 25 security vulnerabilities. Of these 25, eight are rated critical, 13 high, and four medium.

Ivanti stated in the advisory that it was not aware of any customers being exploited through these vulnerabilities prior to public disclosure.

Ivanti Cloud Services Application (CSA) is a landing page for Ivanti Endpoint Manager and Endpoint Security for Endpoint Manager. It provides access to product downloads, documentation, configuration and troubleshooting guides, and knowledge base.

Ivanti Policy Secure (IPS) is a Network Access Control (NAC) solution providing access to authorized and secured users and devices. It’s a central policy management server that validates the user’s identity and determines the endpoint’s security compliance.

Ivanti Secure Access Client (ISAC) is a software suite allowing employees to access corporate networks securely.

CVE-2024-38655, CVE-2024-38656, CVE-2024-39710, CVE-2024-39711, CVE-2024-39712, CVE-2024-11007, CVE-2024-11006, and CVE-2024-11005

All the vulnerabilities have a CVSS score of 9.1, impacting various Connect Secure and Policy Secure versions. These argument injection and command injection vulnerabilities may allow a remote authenticated attacker with admin privileges to achieve remote code execution.

Affected and Patched versions

| Product Name | Affected Versions | Resolved Versions |
|---|---|---|
| Ivanti Connect Secure (ICS) | 22.7R2.2 and prior | 22.7R2.3 |
| Ivanti Policy Secure (IPS) | 22.7R1.1 and prior | 22.7R1.2 |
| Ivanti Secure Access Client (ISAC) | 22.7R3 and prior | 22.7R4 |

Please refer to the Ivanti Security Advisory for more information.
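
The following Python script is an added example, not code from Ivanti or from the original post: it checks an asset inventory against the resolved versions in the table above. It assumes version strings follow the pattern seen in that table (for example 22.7R2.2 or 22.7R4) and order numerically component by component; the function names, hostnames and inventory are constructed for illustration.

```python
import re

# Resolved versions copied from the table above.
RESOLVED = {"ICS": "22.7R2.3", "IPS": "22.7R1.2", "ISAC": "22.7R4"}

# Assumption: versions look like <major>.<minor>R<release>[.<patch>].
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.(\d+))?$", re.IGNORECASE)

def parse_version(text):
    """Turn '22.7R2.2' into (22, 7, 2, 2); a missing patch level counts as 0."""
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part or 0) for part in match.groups())

def is_affected(product, version):
    """True when the version sorts below the resolved version for the product."""
    return parse_version(version) < parse_version(RESOLVED[product])

def triage(inventory):
    """Return (host, product, version, status) rows for an asset inventory."""
    rows = []
    for host, product, version in inventory:
        try:
            status = "AFFECTED" if is_affected(product, version) else "ok"
        except (KeyError, ValueError):
            # Unknown product or unparseable version: send to manual review
            # rather than silently treating the asset as patched.
            status = "REVIEW"
        rows.append((host, product, version, status))
    return rows

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("vpn-gw-01", "ICS", "22.7R2.2"),
    ("vpn-gw-02", "ICS", "22.7R2.3"),
    ("nac-01", "IPS", "22.7R1.1"),
    ("laptop-117", "ISAC", "22.7R3"),
    ("laptop-118", "ISAC", "22.7R4"),
    ("vpn-gw-03", "ICS", "22.7r2.3-build"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print("%-12s %-5s %-16s %s" % row)
```
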

Qualys Detection

Qualys customers can scan their devices with QIDs 731893 and 731894 to detect vulnerable assets.

Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.

References
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
