Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability (CVE-2024-7593)
Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account.
A remote attacker, without authentication, can cause full loss of data confidentiality, arbitrary modification of data, and complete denial of service or system unavailability. Federal agencies are required to remediate by 2024-10-15 under CISA BOD 22-01.
This is an Improper Authentication (CWE-287) vulnerability in Ivanti Virtual Traffic Manager. Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. Exploitation requires remote network access and has low attack complexity; no authentication and no user interaction are required.
Probably yes if any of these apply:
CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2024-09-24 based on evidence of active exploitation in the wild. Federal agencies are required to remediate by 2024-10-15.
Manual remediation steps
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.