At Ivanti, we are committed to delivering innovative, high quality and secure solutions for our customers. Part of this is ensuring our customers are aware of the latest threats.

A new OpenSSL security vulnerability with a severity rating of “critical” became public knowledge last week. It impacts OpenSSL versions above 3.0.0 as well as applications with an affected OpenSSL library embedded. On Tuesday, 1 November, the OpenSSL project team will be releasing version 3.0.7 that contains a fix for this vulnerability.

Ivanti has completed an initial evaluation and found that our products are not impacted. We are finalizing our investigation and will share any recommended mitigation, should it be needed, in our Community Forum.

We encourage our customers to protect their environment from threats by patching their systems for known vulnerabilities and ensuring they are running the latest versions of solutions from Ivanti and their other software vendors.