The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.

The vulnerability threat intelligence firm’s research reinforces a slew of recent reports warning about increased exploits in 2024.

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.

Hackers have been actively targeting the firewall management software through multiple vulnerabilities.

The Shadowserver Foundation put the figure at around 87,000 for a vulnerability rated as critical and first discovered in February.

Ivanti's Cloud Service Appliance has a "high severity vulnerability" being exploited in the wild.

The tech giant's regular vulnerability list includes new vulnerabilities for Windows Updater and Installer.

The National Vulnerability Database has ceased some of its work, but some experts fear the formation of a consortium to address its problems lacks sufficient urgency.

While CISA says the catalog is catching on, some think it needs improvement.