-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
System & Network Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability Manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS ASV scans
-
Partner Portal
-
Terms & conditions
-
Dashboard
How does Holm Security support detection for Ivanti Connect Secure (CVE-2023-46805, CVE-2024-21887)?
Ivanti issued a security advisory on 10 January regarding two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure. These vulnerabilities pose significant risks to organizations. Threat actors are actively targeting and exploiting these vulnerabilities, CVE-2023-46805 and CVE-2024-21887. It is worth noting that at least one attack has been linked to a Chinese nation-state actor known as UTA0178.
Update 2024-01-22: New tests added
Holm Security has released a remote Vulnerability Test that will verify if the version installed on the target systems is vulnerable to these flaws:
- HID-2-1-5355076
Ivanti Connect Secure Multiple Vulnerabilities (CVE-2023-46805, CVE-2024-21887).
As well as an active vulnerability test that will actively check the exploitability of the target system:
- HID-2-1-5355086
Ivanti Connect Secure and Policy Secure Gateways Multiple Vulnerabilities Active Detection (KB43892).
Update 2024-02-02: All tests added
Coverage completed for the vulnerability.
More information
You can read more about this vulnerability in our blog.