<ul><li>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities catalog.</li><li>The vulnerability, CVE-2024-7593, allows attackers to bypass authentication and create rogue administrator accounts on vTM appliances.</li><li>Ivanti has released patches to address the flaw and recommends limiting admin access to the management interface.</li><li>Federal agencies have been ordered by CISA to fix this vulnerability by October 15, 2024.</li></ul>

U.S. CISA adds Ivanti Virtual Traffic Manager flaw to its Known Exploited Vulnerabilities catalog

Discover more