{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-030.pdf"
    },
    "title": "Critical Vulnerabilities in Ivanti Products",
    "serial_number": "2024-030",
    "publish_date": "21-03-2024 09:19:02",
    "description": "On March 20, 2024, Ivanti released fixes for two critical vulnerabilities affecting Ivanti Standalone Sentry and Ivanti Neurons for ITSM. According to Ivanti, there is no evidence of these vulnerabilities being exploited in the wild.<br>\nIt is recommended to upgrade affected software as soon as possible.<br>\n",
    "url_title": "2024-030",
    "content_markdown": "---\ntitle: 'Critical Vulnerabilities in\u00a0Ivanti\u00a0Products'\nnumber: '2024-030'\nversion: '1.0'\noriginal_date: 'March 20, 2024'\ndate: 'March 21, 2024'\n---\n\n_History:_\n\n* _21/03/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn March 20, 2024, Ivanti released fixes for two critical vulnerabilities affecting Ivanti Standalone Sentry and Ivanti Neurons for ITSM. According to Ivanti, there is no evidence of these vulnerabilities being exploited in the wild.\n\nIt is recommended to upgrade affected software as soon as possible.\n\n# Technical Details\n\nThe vulnerability `CVE-2023-41724`, with a CVSS score of 9.6, affects Ivanti Standalone Sentry and could allow an unauthenticated attacker within the same physical or logical network to execute arbitrary commands on the underlying operating system of the appliance. [1]\n\nThe vulnerability `CVE-2023-46808`, with a CVSS score of 9.9, affects Ivanti Neurons for ITSM and could enable an authenticated remote user to perform file writes in sensitive directories, which may allow execution of commands in the context of the web application\u2019s user. [2]\n\n# Affected Products\n\nThe vulnerability `CVE-2023-41724` impacts all supported versions of Ivanti Standalone Sentry (9.17.0, 9.18.0, and 9.19.0). Older versions are also at risk.\n\nThe vulnerability `CVE-2023-46808` impacts all supported versions of Ivanti Neurons for ITSM (2023.3, 2023.2 and 2023.1). Unsupported versions are also at risk.\n\n# Recommendations\n\nCERT-EU strongly recommends updating affected software to the latest versions by following the instructions given by the vendor [1,2].\n\n# References\n\n[1] <https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry?language=en_US>\n\n[2] <https://forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSM?language=en_US>",
    "content_html": "<p><em>History:</em></p><ul><li><em>21/03/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On March 20, 2024, Ivanti released fixes for two critical vulnerabilities affecting Ivanti Standalone Sentry and Ivanti Neurons for ITSM. According to Ivanti, there is no evidence of these vulnerabilities being exploited in the wild.</p><p>It is recommended to upgrade affected software as soon as possible.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability <code>CVE-2023-41724</code>, with a CVSS score of 9.6, affects Ivanti Standalone Sentry and could allow an unauthenticated attacker within the same physical or logical network to execute arbitrary commands on the underlying operating system of the appliance. [1]</p><p>The vulnerability <code>CVE-2023-46808</code>, with a CVSS score of 9.9, affects Ivanti Neurons for ITSM and could enable an authenticated remote user to perform file writes in sensitive directories, which may allow execution of commands in the context of the web application\u2019s user. [2]</p><h2 id=\"affected-products\">Affected Products</h2><p>The vulnerability <code>CVE-2023-41724</code> impacts all supported versions of Ivanti Standalone Sentry (9.17.0, 9.18.0, and 9.19.0). Older versions are also at risk.</p><p>The vulnerability <code>CVE-2023-46808</code> impacts all supported versions of Ivanti Neurons for ITSM (2023.3, 2023.2 and 2023.1). Unsupported versions are also at risk.</p><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU strongly recommends updating affected software to the latest versions by following the instructions given by the vendor [1,2].</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry?language=en_US\">https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry?language=en_US</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSM?language=en_US\">https://forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSM?language=en_US</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}