Threat Advisories

Ivanti Addressed A New Zero-Day Flaw in Ivanti Sentry

August 23, 2023

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

The zero-day vulnerability (CVE-2023-38035) in Ivanti Sentry (versions 9.18 and earlier) allows unauthenticated access to sensitive APIs via port 8443, posing a risk of configuration manipulation and system compromise. Apply specific RPM scripts and restrict external access for mitigation

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Attacks, Vulnerabilities and Actors 14 August to 20 August 2023

Data Center Vulnerabilities a Ticking Time Bomb for Cloud Services