CVE-2024-38657: 
Ivanti Connect Secure vulnerability analysis and mitigation

External control of a file name vulnerability (CVE-2024-38657) affects Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3. The vulnerability allows a remote authenticated attacker with admin privileges to write arbitrary files to the system (Mitre CVE).

The vulnerability has been assigned a CVSS score of 9.1, indicating critical severity. The vulnerability specifically affects the file handling mechanisms in both Ivanti Connect Secure and Policy Secure products, allowing authenticated administrators to perform arbitrary file writes (Hacker News).

If successfully exploited, this vulnerability could allow an authenticated attacker with administrative privileges to write arbitrary files to the system, potentially leading to remote code execution or system compromise (Hacker News).

Ivanti has released security updates to address this vulnerability. Users should upgrade Ivanti Connect Secure to version 22.7R2.4 or later, and Ivanti Policy Secure to version 22.7R1.3 or later. These patches have been confirmed to resolve the vulnerability (Hacker News).

Ivanti has acknowledged that their edge products have been targeted by sophisticated threat actors and has responded by enhancing their security measures. The company has implemented improved internal scanning, manual exploitation testing, and increased collaboration with the security ecosystem. They have also become a CVE Numbering Authority to strengthen their security response capabilities (Hacker News).