Overview
- Description
- A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- CWE-416
Social media
- Hype score
- Not currently trending
Heads up! A serious security issue (CVE-2024-9420) was found in Ivanti Connect Secure and Policy Secure software. Hackers can potentially take control of systems through this flaw. If you're using these, update to the latest version to stay protected. https://t.co/MFzqlCUh3W
@AbuseAE
12 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-9420: HIGH] A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution.#cybersecurity,#vulnerability https://t.co/brP62GdyvV https://t.co/pMIG
@CveFindCom
12 Nov 2024
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-9420 A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve rem… https://t.co/JIF6KayQBa
@CVEnew
12 Nov 2024
201 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes