Is Ivanti the problem or a symptom of a systemic issue with network devices?

Network edge devices — hardware that powers firewalls, VPNs and network routers — have quickly moved up the list of attackers’ preferred intrusion points into enterprise networks. While dozens of companies make and sell these devices, customers of one company in particular — Ivanti — have confronted exploited vulnerabilities in their products more than any other vendor in this space since the start of last year.

Ivanti appears in the Cybersecurity and Infrastructure Security Agency’s known exploited vulnerabilities (KEV) catalog more than any other firewall, VPN or router vendor over the past 16 months. Cyber authorities confirm that attackers exploited five vulnerabilities in Ivanti products so far this year, and 16 total since the beginning of 2024.

Read more at CyberScoop