How to patch Ivanti Connect Secure
Ivanti · Network / Security · 5 steps · Ivanti Connect Secure security status → · updated June 2026
Ivanti Connect Secure (VPN) appliances have been repeatedly exploited, so apply any interim mitigation immediately, then patch and run the Integrity Checker Tool to confirm you were not compromised.
Ivanti Connect Secure has 14 actively-exploited vulnerabilities on the CISA KEV list — patching is urgent.
Check your current version first
Before you patch, record what you're running (Admin console):
Admin console → System → Status / Upgrade (shows version)Or paste your version into the checker for an instant verdict.
Step by step
Open the admin console and record the running version.
If the advisory provides a mitigation (e.g. an XML/workaround) ahead of the patch, apply it immediately — these appliances are actively exploited.
System Maintenance → Archiving / configuration backup before patching.
Maintenance → Install Service Package, upload the fixed build, and apply it.
After reboot, run Ivanti’s Integrity Checker Tool (ICT) where advised to confirm the appliance was not compromised, and verify the new version.
- Treat as high-urgency: Connect Secure has been the target of multiple actively-exploited zero-days — mitigate the moment an advisory lands.
- A clean patch does not prove you were not already breached — run the ICT and review logs.
Official sources
- Advisory: Ivanti Security Advisories ↗
- Download: Ivanti download portal ↗
Don't patch blind. Ivanti Connect Secure has 14 actively-exploited vulnerabilities on the CISA KEV list — patching is urgent. See exactly which versions are safe and what you're exposed to.
Ivanti Connect Secure security status →Stay ahead of the next one
- Ivanti Connect Secure security status & health score — score, open CVEs and safe version.
- Ivanti Connect Secure vulnerabilities — the full CVE list and what's exploited.
- Monitor Ivanti Connect Secure — get an email alert the moment a new exploited vulnerability lands.
Frequently asked questions
What is the latest version of Ivanti Connect Secure?
Check the current supported Ivanti Connect Secure release on its product page or the official vendor advisory, then patch to it.
How do I check which version of Ivanti Connect Secure I am running?
Use: Admin console → System → Status / Upgrade (shows version) (Admin console). Record the result before and after patching to confirm the update applied.
Is Ivanti Connect Secure being actively exploited right now?
Yes — 14 Ivanti Connect Secure vulnerabilities are on the CISA Known Exploited Vulnerabilities (KEV) list, so attackers are using them in the wild. Patch promptly. See the exploitation radar.
How do I patch Ivanti Connect Secure safely without breaking production?
Always test in a non-production environment first, take a backup or snapshot, follow the official vendor advisory, and have a tested rollback. Patch one node at a time for clustered or high-availability setups.
Patch steps are general, well-established guidance for Ivanti Connect Secure — always test in a non-production environment first and follow the official Ivanti advisory for your exact version. IsItPatched is independent and not affiliated with Ivanti; this is not a substitute for vendor documentation. See our disclaimer.