Ivanti security advisory (AV24-075)

From: Canadian Centre for Cyber Security

Serial number: AV24-075
Date: February 9, 2024

On February 8, 2024, Ivanti published a security advisory to address a vulnerability in the following products:

  • Ivanti Connect Secure (ICS) gateway – versions 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2, 22.5R1.1, and 22.5R2.2
  • Ivanti Policy Secure (ICS) gateway – version 22.5R1.1
  • ZTA gateway – versions 22.6R1.3

Exploitation of these vulnerabilities could allow for authentication bypass.

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates once available.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: