Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures

Threat actors are using a newly discovered security vulnerability that affects ZTA, Policy Secure, and Ivanti Connect Secure gateways to install a backdoor on vulnerable devices known as DSLog.

The exploitation of CVE-2024-21893 was discovered by Orange Cyberdefense within hours of the proof-of-concept (PoC) code being made public, according to their results.

The SAML module contains a server-side request forgery (SSRF) vulnerability called CVE-2024-21893, which was discovered by Ivanti late last month together with CVE-2024-21888. If successfully exploited, this vulnerability could provide access to previously restricted sites without the need for authentication.

Since then, the Utah-based corporation has admitted that the vulnerability has reduced targeted attacks read more Ivanti Vulnerability Exploited to Install DSLog Backdoor on 670+ IT Infrastructures.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *