In continuation with first part of blog post on vulnerabilities identified on Ivanti VPN products, that shook IT infra of many large organizations towards at the end of 2023, we will be looking at three more vulnerabilities that Ivanti further disclosed on 31st January and 21st February in this second and conclusive part of this blog post series.  

Customers of Ivanti Connect Secure VPN had rough start of the year due to recently discovered high severity vulnerabilities that were already being exploited in the wild prior to being discovered by Security researchers. The combination of two vulnerabilities made overall discovery lethal for the users of Ivanti VPN servers. First one was an authentication bypass vulnerability whereas second allowed remote users to execute arbitrary code on VPN server. This post gives more information about the vulnerabilities, impact and mitigation techniques.