CVE-2024-38649
Published: 13 November 2024
Summary
CVE-2024-38649 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Ivanti Connect Secure. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 9.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-38649 is an out-of-bounds write vulnerability in the IPsec component of Ivanti Connect Secure versions prior to 22.7R2.1, excluding the 9.1Rx branch. The flaw carries a CVSS 3.1 base score of 7.5 and is associated with CWE-125. It affects the network-facing IPsec processing path within the Connect Secure product line.
A remote unauthenticated attacker can send crafted network traffic to trigger the out-of-bounds write, resulting in a denial-of-service condition. No authentication, user interaction, or special privileges are required, and the attack can be launched over the network with low complexity.
The referenced Ivanti security advisory details the affected releases and states that upgrading to version 22.7R2.1 or later resolves the issue for supported branches. It also notes that the 9.1Rx series is not impacted.
EPSS scores for the CVE remain low, with a current value of 0.0588 and a peak of 0.0620.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-37700
Vulnerability details
An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1(Not Applicable to 9.1Rx) allows a remote unauthenticated attacker to cause a denial of service.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.