The Canadian Centre for Cyber Security (Cyber Centre) joined the Cybersecurity and Infrastructure Security Agency (CISA) and the following international partners in releasing a cyber security advisory highlighting multiple vulnerabilities within Ivanti Connect Secure and Ivanti Policy Secure gateways:
- Federal Bureau of Investigation (FBI)
- Multi-State Information Sharing and Analysis Center (MS-ISAC)
- Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)
- New Zealand’s National Cyber Security Centre (NCSC-NZ)
- Computer Emergency Response Team New Zealand (CERT-NZ)
- United Kingdom’s National Cyber Security Centre (NCSC-UK)
The vulnerabilities noted in this joint cyber security advisory impact all supported versions (9.x and 22.x). These vulnerabilities can be used in a chain of exploits to enable threat actors to bypass authentication, craft malicious requests, and execute arbitrary commands with elevated privileges. These initial exploits can be leveraged to inflict further damage, including but not limited to data exfiltration and credential theft.
This joint advisory provides observed tactics, techniques, and procedures (TTPs) along with indicators of compromise (IOCs). Organizations should consider the risks of threat actor access to and persistence on these Ivanti gateways when determining whether to continue operating these devices in an enterprise environment. Credentials and sensitive data stored within the affected Ivanti VPN appliances should be considered compromised.
Network defenders are encouraged to hunt for malicious activity on their networks using the detection methods and IOCs within the joint advisory.
The Cyber Centre encourages organizations to implement the recommendations in this advisory.
Canadian organizations that discover a potential compromise are encouraged to report it via the My Cyber Portal or by email at contact@cyber.gc.ca.
Read the joint cyber security advisory:
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways