
Ivanti Sentry vulnerability (CVE-2023-41724)


Ivanti has released an update for a new critical vulnerability (CVE-2023-41724) in its “Ivanti Standalone Sentry” product. The vulnerability was discovered by NATO. Ivanti is currently not aware of this vulnerability being actively exploited at customers.

Summary

CVE-2023-41724, 9.6 critical (CVSS 3.1): “An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.” Ivanti also states that a threat actor cannot exploit this issue over the internet if there is no valid TLS client certificate enrolled through EPMM / N-MDM.

Affected products

All supported versions, as well as older versions, are at risk:

  • 17.0
  • 18.0
  • 19.0

 

Security recommendation

Ivanti has released a security patch for each of the supported versions (9.17.1, 9.18.1 and 9.19.1), which can be found on Ivanti's download page. For unsupported versions, more information can be found here.

More information regarding the vulnerability itself can be found here.