Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: China-Linked Cyberattack Targets French Infrastructure Using Ivanti Flaws
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

China-Linked Cyberattack Targets French Infrastructure Using Ivanti Flaws

Highlights

  • Ivanti vulnerabilities led to major attacks on French critical sectors in 2024.

  • UNC5174, linked to China, exploited zero-days to steal credentials and access networks.

  • Ivanti urged customers to update systems; ongoing vigilance is strongly recommended.

Samantha Reed
Last updated: 3 July, 2025 - 8:09 pm 8:09 pm
Samantha Reed 7 hours ago
Share
SHARE

A series of coordinated cyberattacks impacted numerous critical French sectors in late 2024, leveraging previously undisclosed security weaknesses in Ivanti Cloud Services Appliance products. These incidents targeted essential services such as government, telecommunications, finance, media, and transportation. Authorities in France observed significant repercussions from the exploitation, stressing the risk to public and private infrastructures. Many organizations have since sought to strengthen their network defenses and review their dependence on similar technologies. The persistent nature of these threats continues to challenge stakeholders responsible for national resilience and data protection.

Contents
What Techniques Did the Attackers Use?Who Was Behind the Incidents?How Did Vendors and Agencies Respond?

Recent analyses reveal a marked escalation in cyberattacks using Ivanti vulnerabilities compared to earlier years. Over the past four years, incidents involving Ivanti’s edge devices have grown, with researchers and security authorities reporting more frequent exploitation of these weaknesses, particularly by actors linked to China. Despite routine patch releases and advisories, adversaries have adapted by developing new attack methods and leveraging open-source tools to evade detection. While Ivanti previously addressed several vulnerabilities, recent campaigns represent a shift towards persistent, credential-stealing operations. Organizations now face greater pressure to maintain up-to-date defenses as threat actors continue to exploit both legacy and current systems.

What Techniques Did the Attackers Use?

The attackers, identified as UNC5174, exploited three Ivanti zero-day flaws known as CVE-2024-8190, CVE-2024-8963, and CVE-2024-9380. According to security investigators, this group employed a combination of zero-day vulnerabilities, a custom rootkit, and a suite of open-source as well as commercial tools to achieve their objectives. By using dedicated servers and VPNs, they sought to maintain undetected access within compromised environments. These methods enabled attackers to steal credentials and establish persistence on the networks of targeted organizations. The French security report notes,

The operators behind the UNC5174 and Houken intrusion sets are likely primarily looking for valuable initial accesses to sell to a state-linked actor seeking insightful intelligence.

Who Was Behind the Incidents?

UNC5174, identified by security experts as a former member of Chinese hacktivist collectives, is suspected of working under contract for China’s Ministry of State Security. This actor has previously targeted several high-profile platforms, including ConnectWise ScreenConnect, F5 BIG-IP, Atlassian Confluence, the Linux kernel, and Zyxel firewalls. In these campaigns, UNC5174 reportedly operated under the persona “Uteus” and repurposed edge device vulnerabilities to obtain and monetize network access. French authorities attribute both the recent and earlier intrusions to this same threat group.

How Did Vendors and Agencies Respond?

Security agencies and Ivanti responded with advisories and updated software patches. The Cybersecurity and Infrastructure Security Agency warned organizations about the chained exploitation of Ivanti’s flaws, emphasizing the risks of credential theft, unauthorized access, and remote code execution. Ivanti stated that fully patched systems and newer versions were not affected. Their spokesperson indicated, “We support information sharing to aid defenders. This report covers threat actor activity from last fall that affected an end-of-life version of Cloud Services Appliance. Customers on fully patched or upgraded versions were not affected.” Ivanti has since released fixes and strongly recommended upgrades to unaffected CSA version 5.0.

As large-scale attacks on edge devices become more sophisticated, organizations must adopt proactive cybersecurity measures and promptly implement vendor patches. The repeated exploitation of Ivanti products places the company under intense scrutiny, particularly because its software has been at the center of multiple high-impact security incidents since 2021. French authorities, alongside international partners, highlight the necessity for coordinated responses and information sharing to counter evolving cyber threats, particularly those from state-linked adversaries. Enterprises should monitor advisories, continuously audit their systems, and avoid reliance on unsupported versions to minimize risk. Timely response and system upgrades remain essential in mitigating similar campaigns targeting critical infrastructure.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

FBI Reports Chinese Hackers Remain Contained in US Telecoms

Cloudflare Lets Websites Set Fees for AI-Crawling Bots

AT&T Launches Wireless Account Lock to Block SIM-Swapping Attacks

US Authorities Target North Korean IT Worker Schemes and Make Arrest

Hacker Tracks FBI Agent, Cartel Targets Witnesses in El Chapo Case

Share This Article
Facebook Twitter Copy Link Print
Samantha Reed
By Samantha Reed
Samantha Reed is a 40-year-old, New York-based technology and popular science editor with a degree in journalism. After beginning her career at various media outlets, her passion and area of expertise led her to a significant position at Newslinker. Specializing in tracking the latest developments in the world of technology and science, Samantha excels at presenting complex subjects in a clear and understandable manner to her readers. Through her work at Newslinker, she enlightens a knowledge-thirsty audience, highlighting the role of technology and science in our lives.
Previous Article Sateliot Expands 5G Coverage with New Satellites from Alén Space
Next Article Gaming Industry Layoffs Hit Devs Despite Profitable Releases

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Petition Signatures Spark Debate on Game Preservation Laws
Gaming
Tesla Drives Sales Surge as EV Tax Credit Nears End
Electric Vehicle
AMD Graphics Cards Deliver Better Value With New Driver Updates
Computing
Microsoft Cuts 9,000 Jobs as Xbox Division Faces Project Cancellations
Gaming
Tesla Expands Full Self-Driving Tests to More European Countries
Electric Vehicle
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?