CVE-2024-21888
First published: Wed Jan 31 2024(Updated: )
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Connect Secure (ICS) VPN | =9.0 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r1 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r2 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r2.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r3 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r3.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r3.2 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r3.3 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r3.5 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r4 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r4.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r5.0 | |
| Ivanti Connect Secure (ICS) VPN | =9.0-r6.0 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r1 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r10 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r11 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r11.3 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r11.4 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r11.5 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r12 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r12.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r13 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r13.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r14 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r15 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r15.2 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r16 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r16.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r17 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r17.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r18 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r18.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r18.2 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r2 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r3 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r4 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r4.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r4.2 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r4.3 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r5 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r6 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r7 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r8 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r8.1 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r8.2 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r9 | |
| Ivanti Connect Secure (ICS) VPN | =9.1-r9.1 | |
| Ivanti Connect Secure (ICS) VPN | =21.9-r1 | |
| Ivanti Connect Secure (ICS) VPN | =21.12-r1 | |
| Ivanti Connect Secure (ICS) VPN | =22.1-r1 | |
| Ivanti Connect Secure (ICS) VPN | =22.1-r6 | |
| Ivanti Connect Secure (ICS) VPN | =22.2 | |
| Ivanti Connect Secure (ICS) VPN | =22.2-r1 | |
| Ivanti Connect Secure (ICS) VPN | =22.3-r1 | |
| Ivanti Connect Secure (ICS) VPN | =22.4-r1 | |
| Ivanti Connect Secure (ICS) VPN | =22.4-r2.1 | |
| Ivanti Connect Secure (ICS) VPN | =22.6 | |
| Ivanti Connect Secure (ICS) VPN | =22.6-r1 | |
| Ivanti Connect Secure (ICS) VPN | =22.6-r2 | |
| Ivanti Connect Secure (ICS) VPN | =22.6-r2.1 | |
| Pulse Policy Secure | =9.0 | |
| Pulse Policy Secure | =9.0-r1 | |
| Pulse Policy Secure | =9.0-r2 | |
| Pulse Policy Secure | =9.0-r2.1 | |
| Pulse Policy Secure | =9.0-r3 | |
| Pulse Policy Secure | =9.0-r3.1 | |
| Pulse Policy Secure | =9.0-r4 | |
| Pulse Policy Secure | =9.1 | |
| Pulse Policy Secure | =9.1-r1 | |
| Pulse Policy Secure | =9.1-r10 | |
| Pulse Policy Secure | =9.1-r11 | |
| Pulse Policy Secure | =9.1-r12 | |
| Pulse Policy Secure | =9.1-r13 | |
| Pulse Policy Secure | =9.1-r13.1 | |
| Pulse Policy Secure | =9.1-r14 | |
| Pulse Policy Secure | =9.1-r15 | |
| Pulse Policy Secure | =9.1-r16 | |
| Pulse Policy Secure | =9.1-r17 | |
| Pulse Policy Secure | =9.1-r18 | |
| Pulse Policy Secure | =9.1-r18.1 | |
| Pulse Policy Secure | =9.1-r18.2 | |
| Pulse Policy Secure | =9.1-r2 | |
| Pulse Policy Secure | =9.1-r3 | |
| Pulse Policy Secure | =9.1-r3.1 | |
| Pulse Policy Secure | =9.1-r4 | |
| Pulse Policy Secure | =9.1-r4.1 | |
| Pulse Policy Secure | =9.1-r4.2 | |
| Pulse Policy Secure | =9.1-r4.3 | |
| Pulse Policy Secure | =9.1-r5 | |
| Pulse Policy Secure | =9.1-r6 | |
| Pulse Policy Secure | =9.1-r7 | |
| Pulse Policy Secure | =9.1-r8 | |
| Pulse Policy Secure | =9.1-r8.1 | |
| Pulse Policy Secure | =9.1-r8.2 | |
| Pulse Policy Secure | =9.1-r9 | |
| Pulse Policy Secure | =22.1-r1 | |
| Pulse Policy Secure | =22.1-r6 | |
| Pulse Policy Secure | =22.2-r1 | |
| Pulse Policy Secure | =22.2-r3 | |
| Pulse Policy Secure | =22.3-r1 | |
| Pulse Policy Secure | =22.3-r3 | |
| Pulse Policy Secure | =22.4-r1 | |
| Pulse Policy Secure | =22.4-r2 | |
| Pulse Policy Secure | =22.4-r2.1 | |
| Pulse Policy Secure | =22.5-r1 | |
| Pulse Policy Secure | =22.6-r1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-zero-day-exploited-in-attacks/
- https://www.theregister.com/2024/01/31/ivanti_patches_zero_days/
- https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US
- https://www.bleepingcomputer.com/news/security/over-13-000-ivanti-gateways-vulnerable-to-actively-exploited-bugs/
- https://www.bleepingcomputer.com/news/security/magnet-goblin-hackers-use-1-day-flaws-to-drop-custom-linux-malware/
- https://www.bleepingcomputer.com/news/security/chemical-facilities-warned-of-possible-data-theft-in-cisa-csat-breach/
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2024-21888?
CVE-2024-21888 has been assigned a medium to high severity rating due to its potential for privilege escalation.
How do I fix CVE-2024-21888?
To fix CVE-2024-21888, apply the latest security patches provided by Ivanti for affected versions of Connect Secure and Policy Secure.
What components are affected by CVE-2024-21888?
CVE-2024-21888 affects the web component of Ivanti Connect Secure and Ivanti Policy Secure versions 9.x and 22.x.
Can CVE-2024-21888 lead to a complete system takeover?
Yes, CVE-2024-21888 can allow an attacker to escalate privileges to that of an administrator, potentially leading to complete control over the system.
Is there a workaround for CVE-2024-21888 before applying the patch?
Currently, there are no known effective workarounds for CVE-2024-21888, so immediate patching is recommended.
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-21893
- alias/CVE-2024-21888
- alias/CVE-2023-46805
- alias/CVE-2024-21887
- agent/type
- collector/the-register
- source/The Register
- agent/description
- agent/first-publish-date
- agent/author
- alias/CVE-2024-22024
- alias/CVE-2023-41265
- alias/CVE-2023-41266
- alias/CVE-2023-48365
- alias/CVE-2022-24086
- agent/news-ai
- agent/severity
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/references
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/ivanti
- canonical/ivanti connect secure (ics) vpn
- version/ivanti connect secure (ics) vpn/9.0
- version/ivanti connect secure (ics) vpn/9.0-r1
- version/ivanti connect secure (ics) vpn/9.0-r2
- version/ivanti connect secure (ics) vpn/9.0-r2.1
- version/ivanti connect secure (ics) vpn/9.0-r3
- version/ivanti connect secure (ics) vpn/9.0-r3.1
- version/ivanti connect secure (ics) vpn/9.0-r3.2
- version/ivanti connect secure (ics) vpn/9.0-r3.3
- version/ivanti connect secure (ics) vpn/9.0-r3.5
- version/ivanti connect secure (ics) vpn/9.0-r4
- version/ivanti connect secure (ics) vpn/9.0-r4.1
- version/ivanti connect secure (ics) vpn/9.0-r5.0
- version/ivanti connect secure (ics) vpn/9.0-r6.0
- version/ivanti connect secure (ics) vpn/9.1-r1
- version/ivanti connect secure (ics) vpn/9.1-r10
- version/ivanti connect secure (ics) vpn/9.1-r11
- version/ivanti connect secure (ics) vpn/9.1-r11.3
- version/ivanti connect secure (ics) vpn/9.1-r11.4
- version/ivanti connect secure (ics) vpn/9.1-r11.5
- version/ivanti connect secure (ics) vpn/9.1-r12
- version/ivanti connect secure (ics) vpn/9.1-r12.1
- version/ivanti connect secure (ics) vpn/9.1-r13
- version/ivanti connect secure (ics) vpn/9.1-r13.1
- version/ivanti connect secure (ics) vpn/9.1-r14
- version/ivanti connect secure (ics) vpn/9.1-r15
- version/ivanti connect secure (ics) vpn/9.1-r15.2
- version/ivanti connect secure (ics) vpn/9.1-r16
- version/ivanti connect secure (ics) vpn/9.1-r16.1
- version/ivanti connect secure (ics) vpn/9.1-r17
- version/ivanti connect secure (ics) vpn/9.1-r17.1
- version/ivanti connect secure (ics) vpn/9.1-r18
- version/ivanti connect secure (ics) vpn/9.1-r18.1
- version/ivanti connect secure (ics) vpn/9.1-r18.2
- version/ivanti connect secure (ics) vpn/9.1-r2
- version/ivanti connect secure (ics) vpn/9.1-r3
- version/ivanti connect secure (ics) vpn/9.1-r4
- version/ivanti connect secure (ics) vpn/9.1-r4.1
- version/ivanti connect secure (ics) vpn/9.1-r4.2
- version/ivanti connect secure (ics) vpn/9.1-r4.3
- version/ivanti connect secure (ics) vpn/9.1-r5
- version/ivanti connect secure (ics) vpn/9.1-r6
- version/ivanti connect secure (ics) vpn/9.1-r7
- version/ivanti connect secure (ics) vpn/9.1-r8
- version/ivanti connect secure (ics) vpn/9.1-r8.1
- version/ivanti connect secure (ics) vpn/9.1-r8.2
- version/ivanti connect secure (ics) vpn/9.1-r9
- version/ivanti connect secure (ics) vpn/9.1-r9.1
- version/ivanti connect secure (ics) vpn/21.9-r1
- version/ivanti connect secure (ics) vpn/21.12-r1
- version/ivanti connect secure (ics) vpn/22.1-r1
- version/ivanti connect secure (ics) vpn/22.1-r6
- version/ivanti connect secure (ics) vpn/22.2
- version/ivanti connect secure (ics) vpn/22.2-r1
- version/ivanti connect secure (ics) vpn/22.3-r1
- version/ivanti connect secure (ics) vpn/22.4-r1
- version/ivanti connect secure (ics) vpn/22.4-r2.1
- version/ivanti connect secure (ics) vpn/22.6
- version/ivanti connect secure (ics) vpn/22.6-r1
- version/ivanti connect secure (ics) vpn/22.6-r2
- version/ivanti connect secure (ics) vpn/22.6-r2.1
- canonical/pulse policy secure
- version/pulse policy secure/9.0
- version/pulse policy secure/9.0-r1
- version/pulse policy secure/9.0-r2
- version/pulse policy secure/9.0-r2.1
- version/pulse policy secure/9.0-r3
- version/pulse policy secure/9.0-r3.1
- version/pulse policy secure/9.0-r4
- version/pulse policy secure/9.1
- version/pulse policy secure/9.1-r1
- version/pulse policy secure/9.1-r10
- version/pulse policy secure/9.1-r11
- version/pulse policy secure/9.1-r12
- version/pulse policy secure/9.1-r13
- version/pulse policy secure/9.1-r13.1
- version/pulse policy secure/9.1-r14
- version/pulse policy secure/9.1-r15
- version/pulse policy secure/9.1-r16
- version/pulse policy secure/9.1-r17
- version/pulse policy secure/9.1-r18
- version/pulse policy secure/9.1-r18.1
- version/pulse policy secure/9.1-r18.2
- version/pulse policy secure/9.1-r2
- version/pulse policy secure/9.1-r3
- version/pulse policy secure/9.1-r3.1
- version/pulse policy secure/9.1-r4
- version/pulse policy secure/9.1-r4.1
- version/pulse policy secure/9.1-r4.2
- version/pulse policy secure/9.1-r4.3
- version/pulse policy secure/9.1-r5
- version/pulse policy secure/9.1-r6
- version/pulse policy secure/9.1-r7
- version/pulse policy secure/9.1-r8
- version/pulse policy secure/9.1-r8.1
- version/pulse policy secure/9.1-r8.2
- version/pulse policy secure/9.1-r9
- version/pulse policy secure/22.1-r1
- version/pulse policy secure/22.1-r6
- version/pulse policy secure/22.2-r1
- version/pulse policy secure/22.2-r3
- version/pulse policy secure/22.3-r1
- version/pulse policy secure/22.3-r3
- version/pulse policy secure/22.4-r1
- version/pulse policy secure/22.4-r2
- version/pulse policy secure/22.4-r2.1
- version/pulse policy secure/22.5-r1
- version/pulse policy secure/22.6-r1