Advisory 60: Ivanti Releases Security Update for Ivanti Connect Secure and Policy Secure Gateways
Release Date: 04 of April 2024
Impact : HIGH / CRITICAL
TLP Rating: Clear 
CERT Vanuatu (CERTVU) and the Office of the Chief Information Officer (OGCIO) provide the following advisory.
What is it?
Ivanti has released security updates to address vulnerabilities in all supported version (9.x and 22.x) of Ivanti connect secure and policy secure gateways.
What are the Systems affected?
The following Fortinet Products are affected;
What this means ?
The vulnerabilities may allow a cyber threat actor to exploit one of these vulnerabilities to take control of an affected system.
Mitigation process
References
- https://www.cisa.gov/news-events/alerts/2024/04/04/ivanti-releases-security-update-ivanti-connect-secure-and-policy-secure-gateways
- https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
- Download advisory (English): Ivanti Releases Security Update for Ivanti Connect Secure and Policy Secure Gateways
- Download advisory (Bislama): Ivanti Rilis Sekuriti Apdeit blong Ivanti Connect Secure mo Policy Secure Gateway
- Download advisory (French): Ivanti publie une mise à jour de sécurité pour les passerelles sécurisées et stratégiques d’Ivanti Connect