September 18, 2024
Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability
Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. "An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows

Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.

The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.

“An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution,” Ivanti noted in an advisory released earlier this week. “The attacker must have admin level privileges to exploit this vulnerability.”

The flaw impacts Ivanti CSA 4.6, which has currently reached end-of-life status, requiring that customers upgrade to a supported version going forward. That said, it has been addressed in CSA 4.6 Patch 519.

“With the end-of-life status this is the last fix that Ivanti will backport for this version,” the Utah-based IT software company added. “Customers must upgrade to Ivanti CSA 5.0 for continued support.”

“CSA 5.0 is the only supported version and does not contain this vulnerability. Customers already running Ivanti CSA 5.0 do not need to take any additional action.”

On Friday, Ivanti updated its advisory to note that it observed confirmed exploitation of the flaw in the wild targeting a “limited number of customers.”

It did not reveal additional specifics related to the attacks or the identity of the threat actors weaponizing it, however, a number of other vulnerabilities in Ivanti products have been exploited as a zero-day by China-nexus cyberespionage groups.

The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the shortcoming to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by October 4, 2024.

The disclosure also comes as cybersecurity company Horizon3.ai posted a detailed technical analysis of a critical deserialization vulnerability (CVE-2024-29847, CVSS score: 10.0) impacting Endpoint Manager (EPM) that results in remote code execution.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related News

Why Pay A Pentester? Why Pay A Pentester?

Why Pay A Pentester?

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging

GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging

You may have missed

Why Pay A Pentester? Why Pay A Pentester?

Why Pay A Pentester?

Infinix Zero 40 5G With AI Features Launched in India: See Price Infinix Zero 40 5G With AI Features Launched in India: See Price

Infinix Zero 40 5G With AI Features Launched in India: See Price

Honor’s Tri-Fold Phone Might Be Thinner Than the Huawei Mate XT Ultimate Honor's Tri-Fold Phone Might Be Thinner Than the Huawei Mate XT Ultimate

Honor’s Tri-Fold Phone Might Be Thinner Than the Huawei Mate XT Ultimate

Trump and Vance Are Harming the People They Claim to Care About

Trump and Vance Are Harming the People They Claim to Care About

Volkswagen recalls vehicles for doors opening unexpectedly while driving

Volkswagen recalls vehicles for doors opening unexpectedly while driving

PlaqueTec and RxCelerate collaborate on early phase drug discovery for coronary artery disease

PlaqueTec and RxCelerate collaborate on early phase drug discovery for coronary artery disease