- Description
- Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.1
- Impact score
- 6
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- CWE-94
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
6
🚨 Critical security flaws discovered in Ivanti products could allow attackers to execute arbitrary code remotely. The vulnerabilities (CVE-2024-38657, CVE-2025-22467, CVE-2024-10644, and CVE-2024-47908) impact Ivanti Connect Secure, Policy Secure, and Cloud Services… https://t.
@TheHackersNews
12 Feb 2025
16353 Impressions
62 Retweets
128 Likes
15 Bookmarks
2 Replies
3 Quotes
🚨 CVE-2024-10644 ⚠️🔴 CRITICAL (9.1) 🏢 Ivanti - Connect Secure 🏗️ 22.7R2.4 🔗 https://t.co/kxEDS8mT9E #CyberCron #VulnAlert https://t.co/amotH519Yt
@cybercronai
11 Feb 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-10644: CRITICAL] Critical code injection vulnerability in Ivanti Connect Secure & Policy Secure allows remote attackers to achieve remote code execution. Update to version 22.7R2.4 or 22.7R1.3 immediately.#cybersecurity,#vulnerability https://t.co/MXhNGsNV3d https:/
@CveFindCom
11 Feb 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes