The CCB has information about multiple cases in which the Ivanti vulnerability is being actively exploited with very serious consequences for the affected organisations.
Organisations using EoL versions of these devices will certainly come under attack in the coming days or weeks. We therefore recommend that you take immediate action and remove the EoL devices.
We recommend to perform the following actions as soon as possible:
- Patch your Ivanti devices, replace them when End-of-Life
- Check for compromises with the Ivanti external Integrity Checker
- Check your environment for traces of compromise
With this alert, we want to engage security teams to thoroughly check these devices and the entire network, start incident response if necessary and inform us on https://ccb.belgium.be/cert/report-incident.