CVE-2023-46805

ENISA EUVD: EUVD-2023-50971 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 21 articles Published: 2024-01-12

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

94.37%

probability

This CVE has a 94.37% probability of being exploited in the next 30 days.

0% Top 100.0th percentile of all CVEs 100%

CVSS v3.0

Source: VulnerabilityLookup (CIRCL)

8.2

HIGH

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

None

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Description

VulnerabilityLookup (CNA)

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

Affected Products

Ivanti

ICS

9.1R18 22.6R2

Ivanti

IPS

9.1R18 22.6R1

ivanti

connect secure

ivanti

policy secure

Ivanti

IPS

9.1R18 ≤9.1R18

Ivanti

ICS

22.6R2 ≤22.6R2

Ivanti

IPS

22.6R1 ≤22.6R1

Ivanti

ICS

9.1R18 ≤9.1R18

Attack Intelligence

CWE-284 · Improper Access Control CWE-287 · Improper Authentication

Exploits & PoC

duy-31/CVE-2023-46805_CVE-2024-21887

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restri

23 2024-01-17

Chocapikk/CVE-2023-46805

Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research

13 2024-01-19

seajaysec/Ivanti-Connect-Around-Scan

Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.

12 2024-02-03

yoryio/CVE-2023-46805

Scanner for CVE-2023-46805 - Ivanti Connect Secure

10 2024-07-23

cbeek-r7/CVE-2023-46805

Simple scanner for scanning a list of ip-addresses for vulnerable Ivanti Pulse Secure devices

5 2024-01-19

raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887

The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.

5 2024-03-23

Hexastrike/Ivanti-Connect-Secure-Logs-Parser

A Python script for examining Ivanti Secure Connect (ICS) event logs, designed to support investigations into vulnerabilities CVE-2025-0282, CVE-2023-

5 2025-01-19

w2xim3/CVE-2023-46805

CVE-2023-46805 Ivanti POC RCE - Ultra fast scanner.

2 2024-01-25

rxwx/pulse-meter

Parses the System Snapshot from an Ivanti Connect Secure applicance to identify possible IOCs related to CVE-2023-46805, CVE-2024-21887 and CVE-2025-0

1 2025-02-13

9 repos — triés par ⭐ Rechercher sur GitHub ↗

https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html

Signal Intelligence

Confidenceⓘ

92%

EPSS 94.37%

CVSS v3.0 8.2

Mentions 21

Last Seen Apr 03, 2025

CNA Information

CNA Assigner

hackerone

Analyst Note

CVE-2023-46805 is explicitly named as a zero-day exploited in the wild across multiple authoritative sources (BleepingComputer, CISA emergency directive). Articles document active attacks and simultaneous patch availability, with exploitation reported since mid-March 2024 and mass exploitation following disclosure. Clear zero-day criteria met.