Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems.

Ivanti, whose products have been a big target for attackers recently, has disclosed two more critical vulnerabilities in its technologies — raising more questions about the security of its products in ...

US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild. Ivanti Sentry (formerly MobileIron Sentry) ...

U.S. software giant Ivanti has scrambled to patch another zero-day vulnerability under active attack. The vulnerability, tracked as CVE-2023-38035 with a vulnerability severity rating of 9.8 out of 10 ...

Security vendor Ivanti has urged customers to urgently remediate a newly discovered zero-day vulnerability in its Ivanti Sentry product. Formerly known as MobileIron Sentry, Ivanti Sentry is a secure ...

As Ivanti Connect Secure customers await delayed patches, threat actors have ‘developed workarounds to current mitigations,’ the U.S. cybersecurity agency says. Malicious actors have “recently” ...

The cybersecurity agency encouraged organizations to address the remote code execution (RCE) vulnerability in Ivanti Standalone Sentry. CISA Thursday encouraged patching to address a critical-severity ...

Ivanti has released security advisories to address vulnerabilities in Ivanti Neurons for ITSM and Standalone Sentry. A cyber threat actor could exploit these vulnerabilities to take control of an ...

At the end of 2023 and into 2024, a series of vulnerabilities in Ivanti Policy Secure network access control (NAC), Ivanti Connect Secure secure socket layer virtual private network (SSL VPN), and ...