1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Ivanti Neurons for ITSM could be targeted by authentication bypas

    From TechnologyDaily@1337:1/100 to All on Wednesday, May 14, 2025 18:15:08
    Ivanti Neurons for ITSM could be targeted by authentication bypass flaw, so watch out

    Date:
    Wed, 14 May 2025 17:00:00 +0000

    Description:
    Threat actors could use the flaw to gain admin rights on the target system.

    FULL STORY ======================================================================Ivanti released a patch for a critical severity flaw in Neurons for ITSM The flaw
    can be abused to gain admin rights on target systems There is no evidence of abuse in the wild

    Ivanti has patched a critical-severity vulnerability in its Neurons for ITSM IT service management solution, and is urging users to apply the fix and mitigate the risk as soon as possible.

    Neurons for ITSM is an AI-powered IT Service Management platform used by IT departments in mid-to-large enterprises to automate, streamline, and manage
    IT support services, incidents, and assets across their organizations.

    An exact number of users is unknown, but Ivanti claims to be servicing tens
    of thousands of organizations with its portfolio, so its safe to assume the attack surface is relatively large.

    TechRadar Pro readers can get 60% off Premium Plans at RoboForm now!

    New users can take advantage of RoboForms exclusive deal and get 60% off the Premium Plan. With this deal, you can get unlimited password storage, one-click login & autofill, password sharing, two-factor authentication for added protection, cloud backup, and emergency access for trusted contacts. To claim this deal, visit this link and sign up for the Premium Plan to lock in this huge discount.

    Preferred partner ( What does this mean? ) View Deal Low complexity attacks

    The vulnerability in question is tracked as CVE-2025-22462. NVD describes it as an authentication bypass in Neurons for ITSM in versions before 2023.4, 2024.2 and 2024.3 with the May 2025 Security Patch. It affects on-prem instances only, and allows a remote unauthenticated threat actor to gain
    admin rights on the target system.

    The company says that depending on the system configuration, the
    vulnerability can be exploited in low-complexity attacks. That, however, doesnt seem to have happened yet, since Ivanti claims there is no evidence of abuse in the wild so far.

    Ivanti also suggested that organizations should follow its guidance, since then they will be less exposed to potential attacks.

    "Customers who have followed Ivanti's guidance on securing the IIS website
    and restricted access to a limited number of IP addresses and domain names have a reduced risk to their environment," the company said in an advisory. "Customers who have users log into the solution from outside their company network also have a reduced risk to their environment if they ensure that the solution is configured with a DMZ."

    This is the second major vulnerability Ivanti patched this week, after addressing a critical-severity bug in its Endpoint Manager Mobile (EPMM) software.

    Via BleepingComputer You might also like Ivanti patches two zero-days that could lead to RCE in Endpoint Manager Mobile Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/ivanti-neurons-for-itsm-could-be-target ed-by-authentication-bypass-flaw-so-watch-out


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)