How Cloudflare’s AI WAF proactively detected the Ivanti Connect Secure critical zero-day vulnerability

Cloudflare has demonstrated a proactive approach to cybersecurity by using artificial intelligence (AI) to identify and prevent attacks exploiting the recently disclosed CVE-2023-46805 and CVE-2024-21887 vulnerabilities in Ivanti's Pulse Connect Secure. The AI-powered WAF Attack Score layer allowed Cloudflare to protect its customers from these threats even before the vulnerabilities were publicly disclosed. By releasing Emergency Rules within 24 hours after proof of concept went public, Cloudflare showcased its commitment to ensuring customer security and maintaining an optimal protection level. These rules are designed to block attempts to exploit CVE-2023-46805 and CVE-2024-21887, providing additional layers of security for users of Cloudflare services. In light of this critical vulnerability, organizations using Cloudflare's WAF should ensure that their systems are updated with the latest rules and configurations to maintain optimal protection. Additionally, deploying rules using Attack Score can help improve an organization's overall security posture.