In a new blog post, Ivanti says that it has found another vulnerability and urges customers to “immediately take action to ensure you are fully protected”.
This vulnerability only affects a limited number of supported versions–Ivanti Connect Secure (version 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1), Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3. Please read between the lines that there could be unsupported versions which will never see a patch for this vulnerability.
Read more…
Source: Malwarebytes Labs