CISA Warns of High-Risk Vulnerabilities in DuraComm DP-10iN-100-MU

July 23, 2025 • César Daniel Barreto

The Cybersecurity and Infrastructure Security Agency, or CISA, has issued an emergency directive on the active exploitation of critical vulnerabilities in the Ivanti Connect Secure and Ivanti Policy Secure products. Attackers are exploiting these vulnerabilities to gain access to networks, exfiltrate sensitive information, and deliver malicious payloads.

According to the CISA alert, two vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, allow pre-authentication command injection, enabling attackers to bypass authentication and execute arbitrary commands, thereby increasing their access to the system. Threat actors, including state-sponsored groups, are leveraging these flaws to actively target federal agencies and private-sector organizations.

Who is at risk? Organizations running Ivanti Connect Secure (originally Pulse Secure VPN) and Ivanti Policy Secure gateways. Any government agency, critical infrastructure operator, or enterprise that uses these products for remote access is at immediate risk.

Attacks have been observed since early January 2024, with CISA confirming mass exploitation by the end of January. Since then, incidents have occurred across a number of sectors, including defense, healthcare, and financial services.

Why does it matter? These vulnerabilities could allow attackers to bypass security controls, with devastating effects including data exfiltration, ransomware deployment, and further exploitation within the network environment.

Unpatched systems are highly vulnerable: according to CISA, attackers are now scanning all exposed devices. CISA has required federal agencies to take affected Ivanti products offline immediately, patch systems, and perform forensics.

The agency has also shared detection tools. Ivanti has released temporary mitigations and strongly recommends that customers patch as soon as possible. The company acknowledges the seriousness of these flaws and is working with CISA on current threats.

Organizations must take the following steps recommended by CISA: disconnect compromised Ivanti devices from networks; apply the latest patches and follow Ivanti's mitigation steps; and hunt for IOCs using the tools provided by CISA.

Furthermore, the FBI has been informed and is presently investigating this matter. The matter emphatically highlights the increased risk that advanced threat actors will continue to weaponize vulnerabilities in VPNs and remote access products. Companies have been urged to act quickly to prevent further breaches.

Sources: CISA Emergency Directive; Ivanti Security Advisory
