CVE-2024-38649: 
Ivanti Connect Secure vulnerability analysis and mitigation

An out-of-bounds write vulnerability (CVE-2024-38649) affects the IPsec component of Ivanti Connect Secure versions before 22.7R2.1 (Not Applicable to 9.1Rx). This vulnerability was disclosed on November 11, 2024, and allows remote unauthenticated attackers to cause a denial of service condition (NVD, ASEC).

The vulnerability has been assigned a CVSS v3.0 base score of 7.5 (HIGH) with the following vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. The vulnerability specifically involves an out-of-bounds write condition in the IPsec functionality, which can be triggered remotely without requiring authentication (SecurityOnline).

When successfully exploited, this vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) condition in the affected system. This can potentially disrupt the availability of VPN services for legitimate users (ASEC).

Ivanti has released patches to address this vulnerability. Users are advised to upgrade to Ivanti Connect Secure version 22.7R2.3 or Ivanti Policy Secure version 22.7R1.2. The vulnerability does not affect version 9.1Rx (ASEC).