{"uuid": "44a14008-9199-4ba2-9a81-e205329399e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-21894", "type": "exploited", "source": "https://t.me/theninjaway1337/1514", "content": "New Ivanti RCE flaw may impact 16,000 exposed VPN gateways\n\nApproximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week.\n\nThe flaw is tracked as\u00a0CVE-2024-21894\u00a0and is a high-severity heap overflow in the IPSec component of Ivanti Connect Secure 9.x and 22.x, potentially allowing unauthenticated users to cause denial of service (DoS) or achieve RCE by sending specially crafted requests.\nUpon disclosure, on April 3, 2024, the internet search engine Shodan showed 29,000 internet-exposed instances, while threat monitoring service Shadowserver reported seeing roughly 18,000.\n\nhttps://www.bleepingcomputer.com/news/security/new-ivanti-rce-flaw-may-impact-16-000-exposed-vpn-gateways/", "creation_timestamp": "2024-04-08T17:08:20.000000Z"}