Ivanti Pulse Secure Linux Software Security Supply Chain Security Vulnerabilities

Uncovering Security Risks: Ivanti Pulse Secure's Outdated Linux and Libraries

Discover the security implications of Ivanti Pulse Secure's use of outdated Linux versions and libraries. Uncover the vulnerabilities and risks associated with aging software components.
Uncovering Security Risks: Ivanti Pulse Secure's Outdated Linux and Libraries

Outdated Linux and Libraries in Ivanti Pulse Secure Appliances

In a recent analysis of Ivanti Pulse Secure appliances, it has been discovered that the software is utilizing outdated Linux versions and libraries, raising concerns about the security of software supply chains.

Aging Infrastructure

The investigation conducted by Eclypsium revealed that the base operating system employed by Ivanti for their devices is CentOS 6.4, a version that has long surpassed its end-of-life status. Furthermore, the Linux kernel version being used is 2.6.32, which reached its end-of-life in March 2016.

The presence of antiquated software packages within the Ivanti Connect Secure product poses a substantial security risk. For instance, Perl remains stagnant at version 5.6.1, a release dating back 23 years to April 9, 2001. The reliance on such outdated components exposes the system to potential vulnerabilities and exploits.

Outdated Linux Libraries

Exploitable Weaknesses

Recent incidents have demonstrated threat actors exploiting various vulnerabilities present in Ivanti’s products, including Connect Secure, Policy Secure, and ZTA gateways. Notable vulnerabilities such as CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893 have been leveraged by malicious entities. Additionally, Ivanti disclosed another critical bug, CVE-2024-22024, which could enable unauthorized access to restricted resources.

Escalation of Scanning Activities

Akamai, a prominent web infrastructure company, observed a surge in scanning activities targeting CVE-2024-22024 following the release of a proof-of-concept on February 9, 2024. This heightened scanning activity signifies the urgency for organizations to address these vulnerabilities promptly.

Unveiling Security Gaps

By employing a proof-of-concept exploit for CVE-2024-21893, Eclypsium managed to establish a reverse shell on the PSA3000 appliance, exposing numerous outdated packages and vulnerable libraries. The Integrity Checker Tool (ICT) recommended by Ivanti to detect compromise indicators was found to have significant limitations, excluding multiple directories from scans. This oversight could potentially enable threat actors to implant persistent threats and circumvent integrity checks.

Emphasizing Transparency and Vigilance

The lack of transparency and openness in digital supply chains poses a significant challenge for customers and third-parties seeking to validate product integrity and security. Without adequate information sharing, malicious actors can exploit these gaps, underscoring the critical need for enhanced controls and visibility.

Stories from Around the Web

Wendy\U00002019s Partners with PAR Technology: A Leap into the Future of Customer Loyalty
EMA

Wendy\U00002019s Partners with PAR Technology: A Leap into the Future of Customer Loyalty

Manchester City Challenges Premier League Financial Regulations in Bold Legal Move
Premier League Pulse

Manchester City Challenges Premier League Financial Regulations in Bold Legal Move

Unleashing Creativity: Join Teen Tech Night and Discover the Future of Technology
EMA

Unleashing Creativity: Join Teen Tech Night and Discover the Future of Technology

From Pitch to Presenter: Lea Wagner on Her Journey to Becoming Germany\U00002019s Sports Darling
Premier League Pulse

From Pitch to Presenter: Lea Wagner on Her Journey to Becoming Germany\U00002019s Sports Darling

Pioneering Advances in Cancer Detection and Treatment: Texas Engineers Receive Major Grants
EMA

Pioneering Advances in Cancer Detection and Treatment: Texas Engineers Receive Major Grants

The Next Big Move? Paulo Dybala's Potential Transfer to the Premier League
Premier League Pulse

The Next Big Move? Paulo Dybala's Potential Transfer to the Premier League

Revolutionizing Cancer Care: New Tech for Early Detection and Treatment
EMA

Revolutionizing Cancer Care: New Tech for Early Detection and Treatment

Is Paulo Dybala Set to Ignite the Premier League?
Premier League Pulse

Is Paulo Dybala Set to Ignite the Premier League?

Severe Glibc Privilege Escalation Vulnerability Shakes Major Linux Distributions
Older post

Severe Glibc Privilege Escalation Vulnerability Shakes Major Linux Distributions

Newer post

Linus Torvalds Sounds Alarm on Performance Regressions in Linux Kernel

Linus Torvalds Sounds Alarm on Performance Regressions in Linux Kernel

Related

View all
Windows Update Wreaks Havoc on Linux Dual Boot: Here's the Fix
Linux Windows Dual Boot Secure Boot Microsoft

Windows Update Wreaks Havoc on Linux Dual Boot: Here's the Fix

By Lily Samson
Intel Microcode Vulnerabilities: A Growing Concern for Linux Users
Intel Microcode Linux Ubuntu Security Vulnerabilities Updates

Intel Microcode Vulnerabilities: A Growing Concern for Linux Users

By Lily Samson
The Linux Security Threat: A Concern for the Open-Source Community
Linux Security Disinformation Community

The Linux Security Threat: A Concern for the Open-Source Community

By Ethan Reynolds
Woes of Linux users everywhere: Windows updates paralyze Linux
Windows Updates Linux Boot Issues Computing Issues Operation Systems Issues

Woes of Linux users everywhere: Windows updates paralyze Linux

By Lily Samson