Why the fuck do people still use Ivanti, and while we're at it, Cisco gear? How many backdoors and vulnerabilities can these two companies produce until they get put out of business?
If you ask me... both these companies should be treated similarly to misbehaving banks: banned from acquiring new customers, an external overseer installed, and only when the products do not pose a threat to the general public any more, they can acquire new customers again.
Ivanti is a necrotic acquirer of things. Kind of like a poor version of Microfocus or Broadcom pre-VMware and pre-AI hype. (Broadcom even bought CA, which was the ultimate company of this type.)
This product was MobileIron, which was actually a pretty decent MDM platform, except like most acquisitions like this I'm sure they purged anyone with a clue. Unlike something like Pulse VPN, MDM is a sticky product and difficult/time-consuming to transition from.