0-day And Hitlist Week -02-21-2024-

Ivanti Connect Secure (ICS) VPN versions prior to 22.5R2.2, 22.6R2.1, and 23.2R1.1

| CVE ID | Product / Component | Vulnerability Type | CVSS | Exploitation Status | Patch Status |
|--------|---------------------|-------------------|------|---------------------|---------------|
| | Microsoft Windows (Internet Shortcut Files) | Security Feature Bypass (MotW) | 8.1 (High) | Actively exploited in the wild — used by Water Hydra APT to deliver DarkMe RAT | ✅ Patched Feb 13 |
| CVE‑2024‑21351 | Microsoft Windows Defender SmartScreen | Security Feature Bypass → RCE | 7.6 (Medium) | Actively exploited in the wild; allows code injection into SmartScreen | ✅ Patched Feb 13 |
| CVE‑2024‑21893 | Ivanti Connect Secure VPN (SAML component) | Server‑Side Request Forgery (SSRF) | 8.2 (High) | Actively exploited; chainable with CVE‑2024‑21887 → unauthenticated RCE | ✅ Patched |
| CVE‑2024‑1709 | ConnectWise ScreenConnect (versions ≤ 23.9.8) | Authentication Bypass → RCE | 10.0 (Critical) | Mass exploitation by ransomware affiliates (BlackBasta, BlackCat, B100dy) deploying RATs and ransomware | ✅ Patch available (update to 23.9.9+) |
| CVE‑2024‑26169 | Microsoft Windows Error Reporting Service | Elevation of Privilege | 7.8 (High) | Exploited as zero‑day by Black Basta ransomware affiliates before March patch | ✅ Patched March 12 (exploited as zero‑day in Feb) |
| CVE‑2024‑21338 | Microsoft Windows Kernel (AppLocker driver) | Elevation of Privilege → Rootkit | 7.8 (High) | Exploited by Lazarus Group to deploy FudModule rootkit; kernel‑level access | ✅ Patched Feb 13 |
| CVE‑2024‑21762 | Fortinet FortiOS / FortiProxy SSL‑VPN | Out‑of‑bound Write (RCE) | 9.8 (Critical) | Active exploitation in the wild; unauthenticated RCE | Patch available (CVE not yet disclosed at time of week) |
| CVE‑2024‑21410 | Microsoft Exchange Server | Elevation of Privilege (NTLM relay) | 9.8 (Critical) | Actively exploited; attacker can relay NTLM credentials without user interaction | ✅ Patched Feb 13 (critical priority) |

In the face of these evolving threats, organizations and individuals must adopt comprehensive and proactive defense strategies. Here are several key recommendations:

The week of , was a significant period for comic book fans, featuring milestone issues and major debuts from Marvel, DC, and Image Comics.

Understanding the Terms

In the context of digital comic archival:

During the week of -02-21-2024-, monitoring channels have identified several critical vulnerabilities moving from theoretical proofs-of-concept (PoC) to active exploitation status.

To fully appreciate the urgency of the week ending February 21, it is worth zooming out to the broader February 2024 threat landscape:

: Some groups prioritize "perfection," where users can be penalized for sharing low-quality scans or incorrectly ordered pages. released during that February week?

: Tom Taylor’s celebrated run continued to deliver consistently high sales numbers and fan engagement.

Independent and Indie Highlights

Just days after Microsoft’s Patch Tuesday, ConnectWise disclosed two critical vulnerabilities in its ScreenConnect remote desktop software, affecting versions . These flaws were assigned no CVEs at the time of disclosure but were described as:

Similar to its counterpart, this flaw requires an attacker to send a specially crafted malicious file to a user and convince them to open it. The exploit bypasses SmartScreen’s security checks, potentially leading to code execution.
