Ivanti Connect Secure Authentication Bypass Vulnerability
A critical authentication bypass vulnerability in Ivanti Connect Secure and Policy Secure Gateways allows unauthenticated remote attackers to bypass authentication controls and gain unauthorized administrative access to affected systems.

This section explains the vulnerability in everyday language, so anyone can understand the risk and impact.
A serious security flaw was discovered in Ivanti's Connect Secure VPN products that lets attackers completely bypass the login process. Think of it like finding a hidden back door that lets someone walk right into a secure building without showing any ID or credentials.
This is particularly dangerous because these Ivanti products are specifically designed to provide secure remote access to company networks. When attackers exploit this flaw, they can gain the highest level of access (administrative privileges) to the system without needing any password or authentication.
The vulnerability affects thousands of organizations worldwide that use Ivanti Connect Secure (formerly called Pulse Secure) for their remote access needs. It's especially concerning because attackers were found actively exploiting it before a fix was available (known as a zero-day vulnerability).
Affected Products
Remediation
1. Immediately update to the latest patched version
2. Enable Secure Access File System Integrity Tool (SAFIT)
3. Monitor systems for indicators of compromise
4. Reset all credentials and sessions
5. Implement network segmentation
6. Consider implementing additional network security controls
Sources & References
- Vendor: Ivanti Security Advisory
- Advisory: CISA KEV Catalog