Ivanti ICS authentication bypass actively chained with CVE-2024-21887 for full unauthenticated RCE. Chinese espionage groups exploited this against government and defense targets. Patch immediately and check for persistence mechanisms.
An authentication bypass vulnerability in the web component of Ivanti ICS allows a remote attacker to access restricted resources by bypassing control checks.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →