Executive Risk Summary
"A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests, potentially causing a DoS attack and possibly leading to arbitrary code execution. This vulnerability affects versions 9.x and 22.x of the affected products."
Operational Audit Arsenal
Target Type Service
Target Asset IPSec service
Standard Path Global Firmware
Manual Verification Required
This is a non-Windows asset (Ivanti). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.
Patch Impact Forecast
Reboot Required Likely
Network connectivity may be disrupted during the patching process
Internal Work Notes
Ivanti Connect Secure and Ivanti Policy Secure are affected by a heap overflow vulnerability in the IPSec component, potentially allowing for DoS attacks and arbitrary code execution. Patching is required to mitigate this risk.
Technical Intelligence & Operational Utilities • Delivered Weekly
Intelligence Sources
Official Advisoryhttps://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
Official Advisoryhttps://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
Related Ivanti Threats
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.