PT-2023-8266 · Ivanti · Ivanti Connect Secure +1

Published: 2023-01-12 · Updated: 2026-06-12 · CVE-2023-46805

CVSS v2.0: 8.3 (High)
Vector: AV:N/AC:L/Au:M/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Ivanti Connect Secure versions 9.0 through 9.1
Ivanti Connect Secure versions 22.1 through 22.3
Ivanti Policy Secure versions 9.0 through 9.1
Ivanti Policy Secure versions 22.1 through 22.3
Description

CVE-2023-46805 is an authentication bypass vulnerability in the web component of Ivanti Connect Secure and Ivanti Policy Secure. It allows a remote attacker to access restricted resources by bypassing control checks. The number of potentially affected devices worldwide is not stated; an estimated 985 vulnerable devices are reported in the US. The vulnerability has been exploited in real-world incidents, with over 250,000 attacks launched against the Ivanti VPN 0-day. Exploitation consists of sending specially crafted requests to the /api/v1/totp/user-backup-code/../../system/platform?operation=testConnectivity API endpoint; the username and password variables may be involved.
Recommendations

Immediately apply the security patches released by Ivanti for:
Ivanti Connect Secure versions 9.0 through 9.1
Ivanti Connect Secure versions 22.1 through 22.3
Ivanti Policy Secure versions 9.0 through 9.1
Ivanti Policy Secure versions 22.1 through 22.3

As a temporary workaround, consider restricting access to the vulnerable API endpoint until a patch is available.
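The request path quoted in the description reaches a restricted endpoint through `..` segments in a URL path, which is something a legitimate client never sends. The following detection script is an added example for this advisory, not code from Ivanti or from the advisory's author: it parses access-log lines, URL-decodes the request path (including double encoding, which the advisory does not mention and is assumed here as a generic evasion), flags any literal `..` segment, and reports the normalized path the request actually resolves to, so a defender can see whether a traversal lands under /api/v1/system/. The log format and the sample lines are constructed.

```python
"""Flag path-traversal requests of the CVE-2023-46805 shape in web access logs.

Added example for this advisory; not Ivanti's code and not from the advisory.
Log format and sample lines are constructed; RESTRICTED_PREFIX is taken from the
endpoint quoted in the advisory's description.
"""
import posixpath
import re
from urllib.parse import unquote

# Constructed common-log-format line: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Restricted API prefix that the advisory's request path resolves to.
RESTRICTED_PREFIX = "/api/v1/system/"

# Constructed sample log: two traversal attempts (one percent-encoded), two benign requests.
SAMPLE_LOG = """\
203.0.113.10 - - [12/Jan/2024:10:00:01 +0000] "GET /api/v1/totp/user-backup-code/../../system/platform?operation=testConnectivity HTTP/1.1" 200
203.0.113.11 - - [12/Jan/2024:10:00:02 +0000] "GET /api/v1/totp/user-backup-code/..%2F..%2Fsystem/platform?operation=testConnectivity HTTP/1.1" 200
198.51.100.5 - - [12/Jan/2024:10:00:03 +0000] "POST /api/v1/totp/user-backup-code/ HTTP/1.1" 401
198.51.100.6 - - [12/Jan/2024:10:00:04 +0000] "GET /dana-na/auth/url_default/welcome.cgi HTTP/1.1" 200
"""


def decode_path(target: str) -> str:
    """Drop the query string and URL-decode the path, repeating to defeat double encoding."""
    path = target.split("?", 1)[0]
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def analyze(line: str):
    """Parse one log line; return None if it does not match the expected format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = decode_path(m.group("target"))
    # posixpath.normpath collapses '.' and '..' the way a naive server router would.
    normalized = posixpath.normpath(path)
    return {
        "ip": m.group("ip"),
        "status": int(m.group("status")),
        "raw": m.group("target"),
        "normalized": normalized,
        # A literal '..' segment after decoding is the traversal signal itself.
        "traversal": ".." in path.split("/"),
        # Whether the collapsed path lands under the restricted API prefix.
        "reaches_restricted": normalized.startswith(RESTRICTED_PREFIX),
    }


def find_suspicious(log_text: str):
    """Return the parsed records whose request path contains a traversal segment."""
    hits = []
    for line in log_text.splitlines():
        record = analyze(line)
        if record and record["traversal"]:
            hits.append(record)
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(f'{hit["ip"]} {hit["status"]} {hit["raw"]} -> {hit["normalized"]}')
```

Run it against real access logs by replacing `SAMPLE_LOG` with the file contents; a 200 status on a traversal request that resolves under the restricted prefix is the case to escalate, while a 401 or 403 on the same path shows the access control (or the workaround above) holding.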

Exploit · Fix · Command Injection · Improper Authentication · XXE


Weakness Enumeration

Related Identifiers

BDU:2024-00249
BDU:2024-00320
BDU:2024-01287
CVE-2023-46805

Affected Products

Ivanti Connect Secure
Ivanti Policy Secure