Home Security Ivanti Warns of Important Zero-Day Flaw Being Actively Exploited in Sentry Software program

Ivanti Warns of Important Zero-Day Flaw Being Actively Exploited in Sentry Software program

by crpt os


Aug 22, 2023THNZero-Day / Software Security

Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes.

Tracked as CVE-2023-38035 (CVSS score: 9.8), the issue has been described as a case of authentication bypass impacting versions 9.18 and prior due to what it called an due to an insufficiently restrictive Apache HTTPD configuration.

“If exploited, this vulnerability enables an unauthenticated actor to access some sensitive APIs that are used to configure the Ivanti Sentry on the administrator portal (port 8443, commonly MICS),” the company said.

“While the issue has a high CVSS score, there is a low risk of exploitation for customers who do not expose port 8443 to the internet.”

Cybersecurity

Successful exploitation of the bug could allow an attacker to change configuration, run system commands, or write files onto the system. It’s recommended that users restrict access to MICS to internal management networks.

While exact details surrounding the nature of exploitation are currently unknown, the company said it’s “only aware of a limited number of customers” who have been affected.

Norwegian cybersecurity company mnemonic has been credited with discovering and reporting the flaw.

“Successful exploitation allows an unauthenticated threat actor to read and write files to the Ivanti Sentry server and execute OS commands as system administrator (root) through use of ‘super user do’ (sudo),” it said.

Cybersecurity

What’s more, CVE-2023-38035 could be weaponized after exploiting CVE-2023-35078 and CVE-2023-35081, two other recently disclosed flaws in the Ivanti Endpoint Manager Mobile (EPMM) in scenarios where port 8443 is not publicly accessible as the admin portal is used to communicate with the Ivanti EPMM server.

The development comes a week after Ivanti fixed two critical stack-based buffer overflow flaws (CVE-2023-32560) in its Avalanche software that could lead to crashes and arbitrary code execution on vulnerable installations.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex