CVE-2024-11633
CVSS 3.1 Score 9.1 of 10 (high)
Details
Summary
CVE-2024-11633 is a newly disclosed vulnerability affecting Ivanti Connect Secure before version 22.7R2.4. This issue permits a remote, authenticated attacker with administrative privileges to execute arbitrary code through argument injection. By sending specially crafted input to the targeted system, the attacker can exploit this vulnerability and gain complete control over the affected Ivanti Connect Secure instance. This type of attack can lead to severe consequences, including unauthorized access to sensitive information, data theft, and system compromise. It is recommended that Ivanti users upgrade to the latest version of Connect Secure as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.