Wed Sep 25 08:08:23 UTC 2024: ## Ivanti Virtual Traffic Manager Flaw Added to CISA’s Exploited Vulnerabilities Catalog
**Washington D.C. – October 12, 2024** – The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch the flaw by October 15, 2024.
The vulnerability, tracked as CVE-2024-7593, allows remote, unauthenticated attackers to bypass authentication and create rogue administrator accounts, potentially leading to full control of the vTM appliance.
Ivanti, the software company behind vTM, addressed the flaw in March and May 2024 with the release of patch versions 22.2R1 and 22.7R2 respectively. However, proof-of-concept exploit code is publicly available, highlighting the immediate need for organizations to update their systems.
“Successful exploitation could lead to authentication bypass and creation of an administrator user,” stated Ivanti in its advisory.
CISA recommends that private organizations also review the KEV catalog and address the vulnerabilities in their infrastructure to ensure they are protected against attacks exploiting these known flaws.
This directive aligns with Binding Operational Directive (BOD) 22-01, which mandates federal agencies to address vulnerabilities within a specific timeframe to bolster network security.
Ivanti advises customers who have restricted access to their vTM management interface to a private IP address to update their systems at their earliest convenience.
**In addition to patching, Ivanti recommends:**
* **Limiting Admin Access:** Restricting administrative access to the management interface to internal network users.
* **Restricting Trusted IP Addresses:** Using the vTM settings to further restrict access to only trusted IP addresses.
**CISA’s urgent call to action emphasizes the crucial need for timely patching and robust security measures to protect critical infrastructure and prevent potential exploitation of these vulnerabilities.**
First Piper 