At Ivanti, our top priority is upholding our commitment to deliver and maintain secure products for our customers. We continue to invest significant resources to ensure that all our solutions continue to meet our own high standards and industry best practices.  Our team rigorously assesses our products and collaborates with the broader security ecosystem to share intelligence, and we are committed to communicating findings openly with customers, consistent with our commitment to security and responsible disclosure.

As part of the continued hardening of our solutions, the Ivanti team in partnership with third-party researchers identified a new vulnerability. We are reporting it as CVE-2023-41724. A patch is now available for all supported versions of Ivanti Standalone Sentry 9.17.0, 9.18.0, and 9.19.0.

It is important for customers to know:

  • We have no evidence of this vulnerability being exploited in the wild.
  • This vulnerability does not impact any other Ivanti products or solutions.

More information on this vulnerability and detailed instructions on patch availability and how to remediate the vulnerability can be found in this Security Advisory.

Our Support team is always available to help customers and partners should they have any questions. Cases can be logged via the Success portal (login credentials required).

We would also like to thank Vincent Hutsebaut, Pierre Vivegnis, Jerome Nokin, Roberto Suggi Liverani and Antonin B. from NATO Cybersecurity Centre for their collaboration on this issue.

Want to stay up to date on Ivanti Security Advisories? Paste https://www.ivanti.com/blog/topics/security-advisory/rss into your preferred RSS reader / functionality in your email program.