Ivanti Discloses High-Severity Authentication Bypass Vulnerability in Gateway Devices

Ivanti disclosed a high-severity security vulnerability, CVE-2024-22024, in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication.

Rated 8.3 out of 10 on the CVSS scale, the flaw stems from an XML External Entity (XXE) vulnerability in the SAML component of these products. An attacker who triggers it can bypass authentication and gain access to otherwise restricted resources.
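The underlying bug class, an XXE in a SAML consumer, is easiest to understand from the defender's side. The following Python example is added here and is not Ivanti's code nor a description of Ivanti's implementation; it shows the pre-parse guard a SAML consumer should apply (reject any DOCTYPE, entity declaration, or external entity reference, none of which a legitimate SAML Response ever carries), using the standard-library expat parser. All function names, the sample responses, and the placeholder URI are constructed for this illustration.

```python
import base64
import xml.parsers.expat
from xml.etree import ElementTree as ET


class UnsafeSamlXml(ValueError):
    """Raised when a SAML document carries DTD/entity constructs."""


def _reject_dtd(*_args):
    # Any DOCTYPE, entity declaration or external entity reference is
    # grounds for rejection: SAML 2.0 messages never legitimately use them.
    raise UnsafeSamlXml("DOCTYPE / entity constructs are not allowed in SAML")


def check_saml_xml(xml_bytes: bytes) -> bool:
    """Return True if the document is free of DTD/entity constructs.

    Raises UnsafeSamlXml otherwise. The handlers fire before any entity
    could be resolved, so nothing is fetched or expanded on the way.
    """
    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = _reject_dtd
    parser.EntityDeclHandler = _reject_dtd
    parser.ExternalEntityRefHandler = _reject_dtd
    parser.Parse(xml_bytes, True)
    return True


def saml_xml_is_safe(xml_bytes: bytes) -> bool:
    """Boolean convenience wrapper around check_saml_xml()."""
    try:
        return check_saml_xml(xml_bytes)
    except UnsafeSamlXml:
        return False


def parse_saml_response(b64_response: str) -> ET.Element:
    """Decode a base64 SAMLResponse and parse it only after the guard passes."""
    raw = base64.b64decode(b64_response)
    check_saml_xml(raw)  # raises UnsafeSamlXml on DTD/entity constructs
    return ET.fromstring(raw)


# Constructed sample inputs (not captured from any product).
BENIGN_RESPONSE = (
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_c1" Version="2.0">'
    b'<saml:Assertion ID="_a1" Version="2.0"><saml:Subject>'
    b'<saml:NameID>alice@example.com</saml:NameID>'
    b'</saml:Subject></saml:Assertion></samlp:Response>'
)
# Same message wrapped in a DOCTYPE that declares an external entity; the
# SYSTEM URI is a placeholder. The guard rejects it at the DOCTYPE itself.
DTD_RESPONSE = (
    b'<?xml version="1.0"?><!DOCTYPE r [<!ENTITY ext SYSTEM '
    b'"file:///constructed-placeholder">]>' + BENIGN_RESPONSE
)
```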

The company discovered the issue during an internal review amid ongoing investigations into multiple security vulnerabilities, including CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, and CVE-2024-21893.

Affected versions include Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x), and ZTA (22.x). Ivanti has issued patches for the affected versions of all three products. Although there is no evidence of active exploitation, given how widely the recent Ivanti vulnerabilities have been exploited, the company urges users to apply the patches immediately; administrators should prioritize updating to protect their systems from potential attacks.