CVE-2024-21887
| CVSS Score | 9.1 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
| Vendor | ivanti |
| Product | ics |
| Ecosystems | |
| Industries | Security, Networking |
| Published | Jan 12, 2024 |
| Last Updated | Oct 21, 2025 |
This vulnerability is actively exploited in the wild.
CVSS v3 Breakdown
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Versions
Ivanti / ICS
9.1R18 ≤ 9.1R18
22.6R2 ≤ 22.6R2
Ivanti / IPS
9.1R18 ≤ 9.1R18
22.6R1 ≤ 22.6R1
References
forums.ivanti.com: https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
packetstormsecurity.com: http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html
cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21887