-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning (CSPM)
-
API Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
-
Dashboard
How does Holm Security support detection for Ivanti Connect Secure (CVE-2023-46805, CVE-2024-21887)?
Ivanti issued a security advisory on 10 January regarding two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure. These vulnerabilities pose significant risks to organizations. Threat actors are actively targeting and exploiting these vulnerabilities, CVE-2023-46805 and CVE-2024-21887. It is worth noting that at least one attack has been linked to a Chinese nation-state actor known as UTA0178.
Update 2024-01-22: New tests added
Holm Security has released a remote Vulnerability Test that will verify if the version installed on the target systems is vulnerable to these flaws:
- HID-2-1-5355076
Ivanti Connect Secure Multiple Vulnerabilities (CVE-2023-46805, CVE-2024-21887).
As well as an active vulnerability test that will actively check the exploitability of the target system:
- HID-2-1-5355086
Ivanti Connect Secure and Policy Secure Gateways Multiple Vulnerabilities Active Detection (KB43892).
Update 2024-02-02: All tests added
Coverage completed for the vulnerability.
More information
You can read more about this vulnerability in our blog.