Critical Ivanti Cloud Service Appliance flaw exploited in the wild

A critical path traversal vulnerability, recently discovered in Ivanti’s Cloud Service Appliance (CSA), is being actively exploited in the wild to grant access to restricted product functionalities. This is according to the security advisory Ivanti published earlier this week, in which it said it was “aware of a limited number of customers” who have been exploited by this vulnerability.

CSA is a gateway solution that allows secure communication between Ivanti software products (such as Ivanti Endpoint Manager) and devices outside the corporate network. It acts as a secure bridge for remote devices, enabling them to connect to internal services without the need for a VPN.

The bug is being tracked as CVE-2024-8963, and carries a severity score of 9.4. Ivanti says hackers can chain it to CVE-2024-8190, an OS command injection vulnerability, to bypass admin authentication and run arbitrary commands on the vulnerable endpoint.

End of life

The company did not say which companies were targeted, or by whom.

The bug was “incidentally addressed” as part of CSA 4.6 Patch 519, and CSA 5.0: “Ivanti is disclosing a critical vulnerability in Ivanti CSA 4.6 which was incidentally addressed in the patch released on 10 September (CSA 4.6 Patch 519),” the company said. It stressed that CSA 4.6 is past its end-of-life date, and as such no longer receives patches for OS or third-party libraries.

“Additionally, with the end-of-life status the fix released on 10 September is the last fix Ivanti will backport to that version,” the company concluded. “Customers must upgrade to Ivanti CSA 5.0 for continued support. CSA 5.0 is the only supported version of the product and is not affected by this vulnerability.”

Since the bug is actively exploited, the US Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities (KEV) catalog recently, forcing government agencies to patch up by October 10, The Hacker News found.

Via The Hacker News

More from TechRadar Pro

https://cdn.mos.cms.futurecdn.net/j5YMwZuuKnvAXLyKBEmDrb-1200-80.jpg

Source link

How to watch Tottenham vs Brentford live streams online

Apache HugeGraph-Server flaw actively exploited, CISA warns

Chat with this AI chatbot to find everything you want to buy

The cheapest AirPods sales and deals in September 2024

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

People are driving through flames to escape this California wildfire

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

‘Heathers’ is still the best dark comedy about high school hell

hdb financial services ipo: HDFC Bank approves IPO of HDB Financial Services with fresh equity sale of Rs 2,500 crore

Bloom Energy stock retains Outperform rating, $15 target By Investing.com

Salesforce shares surge on Benioff’s billion-agent AI strategy

India’s Solar Energy Corporation mulls IPO, to invest $2.2 billion in renewables by 2030

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Critical Ivanti Cloud Service Appliance flaw exploited in the wild

hdb financial services ipo: HDFC Bank approves IPO of HDB Financial Services with fresh equity sale of Rs 2,500 crore

Bloom Energy stock retains Outperform rating, $15 target By Investing.com

How to watch Tottenham vs Brentford live streams online

Salesforce shares surge on Benioff’s billion-agent AI strategy

Leave a reply Cancel reply