We're hiring — IT Technician, Jacksonville areaView details & apply
← Back to Threats Log
CriticalVulnerabilities· Published June 30, 2026

Ivanti and Legacy Remote-Access Gateways Actively Exploited

Threat actors continue targeting Ivanti Connect Secure, Policy Secure, and other remote-access appliances with known vulnerabilities — often before patches are applied. Successful exploitation gives attackers VPN-level access without stealing a single password.

Who is affected

Multi-location businesses, firms with remote attorneys or clinicians, and organizations running older VPN concentrators that are not on a monthly patch cycle.

Why it matters

Edge-device breaches are silent — attackers can dwell inside a network for weeks before deploying ransomware or stealing email.

Recommended actions

  • Inventory every remote-access appliance and confirm firmware matches the vendor's latest security advisory.
  • Apply emergency patches immediately when CISA adds a product to its Known Exploited Vulnerabilities catalog.
  • Disable unused VPN profiles and enforce MFA on all remote access paths.
  • Plan replacement for hardware that no longer receives security updates.

Official reference

CISA Known Exploited Vulnerabilities Catalog

Need help implementing these protections?

ITNS provides managed IT, cybersecurity, and compliance support across Florida. Tell us about your environment — we will help you prioritize what matters most for your team.

Disclaimer: This advisory is for general awareness only and does not constitute legal or compliance advice. Every environment is different — contact ITNS for guidance specific to your business.