Found 4 bookmarks
Custom sorting
Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)
Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)
We agree - modern security engineering is hard - but none of this is modern. We are discussing vulnerability classes - with no sophisticated trigger mechanisms that fuzzing couldnt find - discovered in the 1990s, that can be trivially discovered via basic fuzzing, SAST (the things product security teams do with real code access). As an industry, should we really be communicating that these vulnerability classes are simply too complex for a multi-billion dollar technology company that builds enterprise-grade, enterprise-priced network security solutions to proactively resolve?
#watchtowr#EN#2024#CVE-2025-0282#analysis#Ivanti#criticism#Connect#Secure
·labs.watchtowr.com·
Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)
CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability – Horizon3.ai
CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability – Horizon3.ai
CVE-2024-29847 Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability.
#horizon3#EN#2024#CVE-2024-29847#Ivanti#Endpoint#Manager#AgentPortal#Deserialization#analysis
·horizon3.ai·
CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability – Horizon3.ai
Zero Day Initiative — CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability
Zero Day Initiative — CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Lucas Miller and Dusan Stevanovic of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in the Ivanti Avalanche enterprise mobility management program. Other Ivanti products
#zerodayinitiative#EN#2024#CVE-2023-46263#Ivanti#Avalanche#analysis
·zerodayinitiative.com·
Zero Day Initiative — CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability