Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to change configuration, run system commands, or write files onto the vulnerable system. “As of now, we are only aware of a limited number of customers impacted by CVE-2023-38035,” the company said in the advisory, but still has to clarify whether that means detected exploitation attempts or simply vulnerable installations reachable via internet. … More
The post Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035) appeared first on Help Net Security.