Critical Ivanti Flaws Exploited: Mirai Botnet Threatens Network Security
May 10, 2024![Critical Ivanti Flaws Exploited: Mirai Botnet Threatens Network Security](https://cdn.brief.news/images/stories/eac5ff49eb8946e0ca44cac2d04b92e7f30c7efb4b0d85a8b36eab330f4cc0a359286877da5c67e5160830b813a84a6f06b7b25fa0b8134c97179f5442bf96aa.png)
Security researchers have identified attackers exploiting two vulnerabilities in Ivanti Connect Secure (ICS) to install the Mirai botnet.
The vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, allow remote execution of arbitrary commands on affected gateways.
These security flaws comprise an authentication bypass and a command injection issue, enabling unauthorized access and control over unpatched systems.
Attackers are using encoded URLs to download and run malicious scripts, leading to the spread of Mirai bots and potentially other malware.
The exploitation of these vulnerabilities signifies a deepening concern for network security and the constant evolution of cyber threats, emphasizing the need for vigilant patch management and security countermeasures.
Summary based on 2 sources
Get a daily email with more Tech stories
Sources
![Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery](https://cdn.brief.news/images/links/01840d9c6c62b61d096ab759f464493a442b04b895b2d488ee96f6eb3525f1670d979ce3cbf2e2caa7381de9d2350e030b2cb3e109c3c34433f73fe4f8bfbc60.png)
The Hacker News • May 9, 2024
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery![Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs](https://cdn.brief.news/images/links/eac5ff49eb8946e0ca44cac2d04b92e7f30c7efb4b0d85a8b36eab330f4cc0a359286877da5c67e5160830b813a84a6f06b7b25fa0b8134c97179f5442bf96aa.png)
Security Affairs • May 9, 2024
Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs