Ivanti vTM: authentication bypass (CVE-2024-7593)

CVE

This CVE concerns a recent vulnerability in the Ivanti Virtual Traffic Manager (vTM) that has been marked as a zero-day. Discovered approximately two months ago, the flaw lies in the incorrect implementation of an authentication algorithm in versions before 22.2R1 and 22.7R2. It permits remote, unauthenticated attackers to bypass authentication and access the administrator panel of affected systems. The risk is significant: impacted organizations could lose control over their administrative functions, leading to unauthorized actions. Although the specific tools used to exploit this flaw remain unknown, various organizations have already suffered attacks. It is therefore crucial for all users of the affected Ivanti Virtual Traffic Manager versions to stay informed about this critical vulnerability.

Remediation and exploitation details

This chain involves the following actors

The following systems are involved

Attack entry point

Remediation actions

Exploitation actions

CVE database technical details

CVE ID: CVE-2024-7593
Description: Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
Provider: ivanti
CWE / problem types: CWE-287 Improper Authentication; CWE-303 Incorrect Implementation of Authentication Algorithm
Affected Software Versions: Ivanti vTM: 22.7R2 (status: unaffected, version type: custom); 22.2R1 (status: unaffected, version type: custom)
Date Published: 2024-08-13T18:17:47.248Z
Last Updated: 2024-09-24T19:45:51.448Z