Ivanti has released critical security patches addressing multiple vulnerabilities in its Avalanche, Connect Secure, Policy Secure, and EPM (Endpoint Manager) solutions. These updates come as cybersecurity threats continue to evolve, making timely patching essential for enterprise security teams.

Overview of the Ivanti Security Updates

Ivanti's latest security bulletin addresses several high-severity vulnerabilities that could potentially allow attackers to execute remote code, escalate privileges, or bypass authentication mechanisms. The affected products include:

  • Ivanti Avalanche (Enterprise mobility management)
  • Ivanti Connect Secure (VPN solution)
  • Ivanti Policy Secure (Network access control)
  • Ivanti EPM (Endpoint management)

Critical Vulnerabilities Patched

The security updates address the following key vulnerabilities:

1. Remote Code Execution (RCE) in Connect Secure (CVE-2023-XXXXX)

  • CVSS Score: 9.8 (Critical)
  • Impact: Unauthenticated attackers could execute arbitrary code
  • Affected Versions: 9.x through 22.x

2. Authentication Bypass in Policy Secure (CVE-2023-XXXXX)

  • CVSS Score: 8.8 (High)
  • Impact: Could allow unauthorized access to protected resources

3. Privilege Escalation in EPM (CVE-2023-XXXXX)

  • CVSS Score: 7.8 (High)
  • Impact: Local attackers could gain elevated privileges

Security teams should take immediate action:

  1. Identify affected systems: Inventory all Ivanti deployments
  2. Prioritize patching: Critical systems first
  3. Apply updates: Follow Ivanti's upgrade guidance
  4. Monitor for compromises: Check for indicators of compromise
  5. Implement workarounds: If immediate patching isn't possible

Impact Assessment

These vulnerabilities pose significant risk because:

  • Many enterprises use Ivanti for critical infrastructure access
  • VPN solutions are high-value targets for attackers
  • Unpatched systems could lead to network breaches

Timeline and Availability

  • Disclosure Date: January 2024
  • Patch Release: Immediate availability
  • End-of-Life Considerations: Some older versions may require upgrades

Best Practices for Ivanti Environments

Beyond patching, organizations should:

  • Segment networks containing Ivanti systems
  • Implement multi-factor authentication
  • Monitor for unusual authentication patterns
  • Maintain offline backups of critical configurations

Looking Ahead

Ivanti has committed to more frequent security updates and improved vulnerability disclosure processes. The company recommends subscribing to their security advisories for timely notifications.

Additional Resources

For technical details and download links, refer to Ivanti's official security bulletin at Ivanti Security Advisories.