CVE-2024-7593

Aug. 13, 2024, 7:15 p.m.

9.8
Critical

Description

Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.

Product(s) Impacted

Product Versions
Ivanti vTM
  • ['22.2R1', '22.7R2']

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593

Tags

CWE-287
2024-08-13
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
CVE-2024-7593

CVSS Score

9.8 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: Aug. 13, 2024, 7:15 p.m.
Last Modified: Aug. 13, 2024, 7:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

3c1d8aa1-5a33-4ea4-8992-aadd6440af75

Relations

Here is the list of observables linked to the vulnerability CVE-2024-7593 using threat intelligence.

  • Raccoon Stealer
  • SectopRAT
  • AsyncRAT
  • MetaStealer
  • D3F@ck Loader
  • Danabot
  • Sergei Panteleevich

Linked Attack Reports

Exploring the D3F@ck Malware-as-a-Service Loader

This report analyzes the D3F@ck Loader, a malware-as-a-service (MaaS) offering orchestrated by an individual going by the alias Sergei Panteleevich. The loader utilizes various evasion techniques, including the use of Extended Validation certificates, Inno Setup installers with custom Pascal script…
malware
loader
obfuscation
stealer
danabot
metastealer
sectoprat
2024-08-19
raccoon stealer
certificates
d3f@ck loader
Published: August 19, 2024
Linked vulnerabilities : CVE-2024-7593 (CVSS 9.8)
Downloadable IOCs: 4

Exploring AsyncRAT and Infostealer Plugin Delivery Through…

This analysis details an AsyncRAT infection observed in August 2024, delivered via email. The attack chain involves a Windows Script File that downloads and executes various scripts, ultimately leading to the installation of AsyncRAT with an infostealer plugin. The malware targets multiple browsers…
phishing
powershell
infostealer
asyncrat
vbscript
2024-09-02
process hollowing
cryptocurrency wallets
browser data theft
Published: September 2, 2024
Linked vulnerabilities : CVE-2024-7593 (CVSS 9.8), CVE-2024-28986
Downloadable IOCs: 8

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.