Rapid Response Status Page

All Systems Operational

Rapid Response Operational
90 days ago
93.3 % uptime
Today
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Major outage
Partial outage
No downtime recorded on this day.
No data exists for this day.
had a major outage.
had a partial outage.
Apr 26, 2025

No incidents reported today.

Apr 25, 2025

No incidents reported.

Apr 24, 2025

No incidents reported.

Apr 23, 2025
Resolved - Dear Customers,

Following our recent update regarding the Erlang/OTP RCE vulnerability (CVE-2025-32433), we continued with the threat-focused hunting efforts, looking for machines running vulnerable versions of the Erlang/OTP SSH Package

Axon reports have been published for Team Axon customers, including a list of deliverables.
Relevant hits that require your attention will be mentioned in the AXON report.


We continue to monitor CVE-2025-32433 and will provide further updates as necessary.
If you have any questions or need further assistance, please feel free to reach out.


Sincerely,
Team Axon

Apr 23, 13:18 UTC
Investigating - Team Axon is aware of a new critical RCE flaw (CVE-2025-32433) affecting Erlang/OTP SSH daemon.
This vulnerability allows remote unauthenticated code execution due to a logical race condition issue.
Attackers can send crafted SSH packets to exploit this flaw, which can potentially lead to unauthenticated arbitrary code execution, potentially with root privileges.

We’ve observed the publication of several Proof-of-Concepts related to this vulnerability.

Recommendations:
- Upgrade your Erlang/OTP installation to one of the following
- OTP-27.3.3
- OTP-26.2.5.11
- OTP-25.3.2.20
- If you’re using a vendor-supplied Erlang distribution (e.g., part of a Cisco or Ericsson product), monitor for official updates.
- If a patch/update is not an option, consider:
- Restricting access to the SSH port to trusted IPs only.
- Use firewall rules to block access from untrusted networks
- Disable Erlang/OTP-based SSH if it's not essential.

Our team is actively researching the details and will provide updates after deeply analyzing and assessing the vulnerability, including potential deliverables such as threat hunting queries and visibility insights. Impacted customers will be notified directly.

For further assistance, please don't hesitate to contact us.

Sincerely,
Team Axon

Apr 22, 10:57 UTC
Apr 22, 2025
Apr 21, 2025

No incidents reported.

Apr 20, 2025

No incidents reported.

Apr 19, 2025

No incidents reported.

Apr 18, 2025

No incidents reported.

Apr 17, 2025

No incidents reported.

Apr 16, 2025

No incidents reported.

Apr 15, 2025

No incidents reported.

Apr 14, 2025
Resolved - Dear Customers,

Following our recent update regarding the Ivanti VPN RCE vulnerability (CVE-2025-22457), we continued with the threat-focused hunting efforts, looking for suspicious IOC hits.

Axon reports have been published for Team Axon customers, including a list of IOCs and IOC Sweep results.
Relevant hits that require your attention will be mentioned in the AXON report.


We continue to monitor CVE-2025-22457 and will provide further updates as necessary.
If you have any questions or need further assistance, please feel free to reach out.


Sincerely,
Team Axon

Apr 14, 08:15 UTC
Investigating - Team Axon is aware of a recently disclosed Remote Code Execution (RCE) vulnerability affecting several Ivanti products related to VPN functionality.

The vulnerability, CVE-2025-22457, is a stack-based buffer overflow that impacts the following Ivanti versions:

- Ivanti Connect Secure prior to version 22.7R2.6

- Ivanti Policy Secure prior to version 22.7R1.4

- Ivanti ZTA Gateways prior to version 22.8R2.2

- Pulse Connect Secure (EoS) prior to version 9.1R18.9

This flaw allows a remote, unauthenticated attacker to achieve remote code execution. While no public Proof-of-Concept (PoC) exploit has been released, the vulnerability is known to have been exploited in the wild.

To reduce risk, we strongly recommend:

- Applying available security patches to all affected Ivanti applications and appliances.
(Note: Some patches may not yet be available; we advise monitoring vendor updates closely

Team Axon is actively investigating customer environments for any signs of exploitation.
Should we identify affected systems, impacted customers will be notified directly.

If you have any questions or require assistance, please don’t hesitate to reach out.

Sincerely,
Team Axon

Apr 9, 10:52 UTC
Apr 13, 2025

No incidents reported.

Apr 12, 2025

No incidents reported.