CVE-2024-9420
Nov. 27, 2024, 9:15 p.m.
Tags
Product(s) Impacted
Ivanti Connect Secure
- before 22.7R2.3
Ivanti Policy Secure
- before 22.7R1.2
Description
A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution
Weaknesses
CWE-416
Use After Free
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CWE ID: 416Date
Published: Nov. 12, 2024, 4:15 p.m.
Last Modified: Nov. 27, 2024, 9:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
3c1d8aa1-5a33-4ea4-8992-aadd6440af75