CVE-2024-47906: 
Ivanti Connect Secure vulnerability analysis and mitigation

CVE-2024-47906 is a security vulnerability affecting Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx). The vulnerability was disclosed on November 12, 2024, and involves excessive binary privileges that could allow privilege escalation (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is associated with CWE-426 (Untrusted Search Path) and CWE-267 (Privilege Defined With Unsafe Actions) (NVD).

The vulnerability allows a local authenticated attacker to escalate privileges on affected systems. This could potentially give attackers elevated access to system resources and sensitive data (ASEC).

Ivanti has released patches to address this vulnerability. Users are advised to update to Ivanti Connect Secure version 22.7R2.3 or Ivanti Policy Secure version 22.7R1.2. The vulnerability is not applicable to version 9.1Rx (ASEC).

According to ASEC's analysis, as of November 19, 2024, out of 743 surveyed domestic servers with version information available, approximately 90.7% (674 servers) were operating with vulnerable versions. This high percentage of affected servers, particularly in corporate and organizational environments, has raised significant security concerns (ASEC).