Ivanti warns customers of a new zero-day flaw in its Sentry software.
If successfully exploited, the bug allows an attacker to change configuration, run system commands, or write files onto the system.
The company has published a proof-of-concept for the flaw and released a patch for it.
This comes a week after Ivanti fixed two critical stack-based buffer overflow flaws in its Avalanche software that could lead to crashes and arbitrary code execution on vulnerable installations.
Software services provider Ivantia is warning customers about a new vulnerability affecting its MobileIron Sentry appliance.
It called the flaw CVE-2023-38035 and says that it is actively exploited in the wild.
More concerning is the fact that an unauthenticated actor can gain access to some sensitive APIs through this vulnerability.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply