Critical Ivanti Alert: Patch Standalone Sentry Now (CVE-2023-41724)

Ivanti has issued a warning regarding a critical vulnerability in its Standalone Sentry product, which allows attackers to remotely execute arbitrary commands. Designated as CVE-2023-41724, this vulnerability has been rated at 9.6 on the CVSS scale and affects all supported versions of the product, including 9.17.0, 9.18.0, and 9.19.0, as well as earlier versions.

The company urgently advises users to immediately install the released patches (versions 9.17.1, 9.18.1, and 9.19.1), available through the standard download portal, to protect against potential cyber threats.

Ivanti has expressed gratitude to experts from the NATO Cyber Security Centre for identifying the vulnerability.

According to Ivanti, there is no information on any customers who have been adversely affected by the exploitation of CVE-2023-41724. The company also clarified that attackers without a valid client TLS certificate registered through EPMM cannot directly exploit this vulnerability over the internet. This reduces potential exploitation opportunities, though it does not eliminate them.

In recent months, Ivanti has been consistently in the news due to vulnerabilities in its products being exploited in various cyber-attacks.

For instance, on March 11, it was revealed that attackers exploited an Ivanti vulnerability to breach the United States Cybersecurity and Infrastructure Security Agency (CISA), marking a particularly ironic twist of events. This comes especially as CISA representatives had, for several months, urged federal agencies in the U.S. to update vulnerable Ivanti installations to a secure version. A case of the cobbler’s children having no shoes, indeed.