New Mitigations to Defend Against Exploitation of Ivanti Connect Secu…

…re and Policy Secure Gateways - 20240131002 (wagov#492) * Ivanti_advisory * Format markdown files * Update 20240131002-Mitigation-Defend-Agaist-Exploitation-of-Ivanti.md Change CVE to NIST links --------- Co-authored-by: GitHub Actions <actions@github.com> Co-authored-by: Joshua Hitchen (DGov) <86041569+DGovEnterprise@users.noreply.github.com>
LSerki · Feb 1, 2024 · 1ef0689 · 1ef0689
1 parent 51fb402
commit 1ef0689
Showing 1 changed file with 26 additions and 0 deletions.
diff --git a/docs/advisories/20240131002-Mitigation-Defend-Agaist-Exploitation-of-Ivanti.md b/docs/advisories/20240131002-Mitigation-Defend-Agaist-Exploitation-of-Ivanti.md
@@ -0,0 +1,26 @@
+# New Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways - 20240131002
+
+## Overview
+
+CISA has released new mitigations to defend against threat actors exploiting Ivanti Connect Secure and Policy Secure Gateways vulnerabilities in Ivanti devices ([CVE-2023-46805](https://nvd.nist.gov/vuln/detail/CVE-2023-46805) and [CVE-2024-21887](https://nvd.nist.gov/vuln/detail/CVE-2024-21887)).
+
+## What is vulnerable?
+
+| Product(s) Affected | Summary | Severity | CVSS |
+| ------------------- | ------- | -------- | ---- |
+| **ICS 9.1R18**      |         | **High** | 8.2  |
+| **ICS 22.6R2**      |         | **High** | 8.2  |
+| **IPS 9.1R18**      |         | **High** | 8.2  |
+| **IPS 22.6R2**      |         | **High** | 8.2  |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+## Additional References
+
+- [NVD - CVE-2023-46805 (nist.gov)](https://nvd.nist.gov/vuln/detail/CVE-2023-46805)