Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure (SSL VPN solution) and Ivanti Policy Secure (NAC solution), some of which could also lead to execution of arbitrary code or information disclosure. Also, three months since attackers started exploiting a string of zero-days in Ivanti Connect Secure and bypassing mitigations for them, the company’s CEO has announced they will be accelerating security initiatives and improving security practices. The patched vulnerabilities Four vulnerabilities … More
The post Ivanti vows to transform its security operating model, reveals new vulnerabilities appeared first on Help Net Security.
This article has been indexed from Help Net Security