Blog Security Research Exploitation Observed: Ivanti Connect Secure — CVE-2023-46805 and CVE-2024-21887 Noam Atias is a Security Researcher in the Apps & APIs Threat Research Group at Akamai. Sam Tinklenberg is a Senior Security Researcher in the Apps & APIs Threat Research Group at Akamai. Sam comes from a background in web application penetration testing and is passionate about finding and protecting against critical vulnerabilities. While he isn’t breaking web apps, Sam enjoys video and board games, being outside, and spending time with friends and family. Ivanti Connect Secure has emerged as a highly coveted asset for potential attackers who are seeking an entry point into the internal enterprise network. Introduction On January 10, 2024, multiple parties (Ivanti, Volexity, and Mandiant) disclosed the existence of a zero-day vulnerability that affects the Ivanti Connect Secure and Ivanti Policy Secure gateways. This exploit chain leads to remote code execution.…