First published: 22 Aug 2023
Last updated: 22 Aug 2023

Content written for

Small & medium business
Large organisations & infrastructure
Government

This alert has been written for organisations using Ivanti Sentry software.

Background/ What has happened?

An API Authentication Bypass vulnerability (CVE-2023-38035) has been identified in Ivanti Sentry MICS Admin Portal, allowing access to the administrator interface in Ivanti Sentry versions 9.18 or below. 

Exploitation of this vulnerability may allow an actor to gain unauthorised access to the administrator portal and change configuration, run commands and write to the filesystem.

Ivanti are aware of a limited number of customers impacted by CVE-2023-38035. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is not aware of any successful exploitation attempts against Australian organisations.

Mitigation / How do I stay secure?

Australian organisations using Ivanti Sentry version 9.18.0 or earlier should review their patch status and update their software to the latest version. Ivanti have released a security advisory and a hotfix for affected devices.

Assistance / Where can I go for help?

The ASD’s ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371)

Was this information helpful?

Thanks for your feedback!

Optional

Tell us why this information was helpful and we’ll work on making more pages like it