CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2024-21887

CVSS 9.1v3.1pub. 2024-01-12upd. 2025-10-31

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Ivanti Connect Secure

    APP
    Ivanti
    22.122.222.322.422.522.69.09.1
  • Ivanti Policy Secure

    APP
    Ivanti
    22.122.222.322.422.522.69.09.1

CISA KEV — detailsi

Vendori
Ivanti
Producti
Connect Secure and Policy Secure
Added to KEVi
January 10, 2024
Remediation deadline (US Federal)i
January 22, 2024(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 22 stycznia 2024
CWE
References

Related vulnerabilities

CVE-2025-22457CRITICAL9.0⚠ KEVPL ✓ten sam produkt

Stack-based buffer overflow w Ivanti Connect Secure, Policy Secure i ZTA Gateways umożliwiający RCE

CVE-2025-0282CRITICAL9.0⚠ KEVPL ✓ten sam produkt

Stack-based buffer overflow RCE w Ivanti Connect Secure, Policy Secure i Neurons for ZTA

CVE-2021-22893CRITICAL10.0⚠ KEVten sam produkt

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by...

CVE-2019-11510CRITICAL10.0⚠ KEVten sam produkt

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an...

CVE-2024-10644CRITICAL9.1PL ✓ten sam produkt

Code injection w Ivanti Connect Secure i Policy Secure — RCE