On April 4, 2025, Ivanti released a security advisory regarding a critical vulnerability affecting their products. The vulnerability is known to be exploited in the wild. The vulnerability has been fixed in the February 2025 release and was initially identified as a product bug.
CERT-EU recommends upgrading to a supported and fixed version of Ivanti products as soon as possible. CERT-EU also recommends reviewing forensic evidence to detect any signs of exploitation.