Tech News

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

By Viral Trending Content 3 Min Read

Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence

Cloud Appliance Vulnerability

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.

The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.

“An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution,” Ivanti noted in an advisory released earlier this week. “The attacker must have admin level privileges to exploit this vulnerability.”

Cybersecurity

The flaw impacts Ivanti CSA 4.6, which has currently reached end-of-life status, requiring that customers upgrade to a supported version going forward. That said, it has been addressed in CSA 4.6 Patch 519.

“With the end-of-life status this is the last fix that Ivanti will backport for this version,” the Utah-based IT software company added. “Customers must upgrade to Ivanti CSA 5.0 for continued support.”

“CSA 5.0 is the only supported version and does not contain this vulnerability. Customers already running Ivanti CSA 5.0 do not need to take any additional action.”

On Friday, Ivanti updated its advisory to note that it observed confirmed exploitation of the flaw in the wild targeting a “limited number of customers.”

It did not reveal additional specifics related to the attacks or the identity of the threat actors weaponizing it, however, a number of other vulnerabilities in Ivanti products have been exploited as a zero-day by China-nexus cyberespionage groups.

Cybersecurity

The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the shortcoming to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by October 4, 2024.

The disclosure also comes as cybersecurity company Horizon3.ai posted a detailed technical analysis of a critical deserialization vulnerability (CVE-2024-29847, CVSS score: 10.0) impacting Endpoint Manager (EPM) that results in remote code execution.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

You Might Also Like

Enterprise Ireland leads Irish Tech Delegation Targets Nordic Growth and VC Funding at Slush 2025

Gemini 3 Is Here—and Google Says It Will Make Search Smarter

Learn How Leading Companies Secure Cloud Workloads and Infrastructure at Scale

Cloudflare outage disrupts X, OpenAI and more

xAI Grok 4.1, Better EQ, Fewer Hallucinations, Faster Logic

TAGGED: , , , , , , , , ,
Share This Article
Previous Article This Digital Archivist Believes Hollywood’s ‘Competition Era’ Is Over
Next Article Tracking Investigations In Eric Adams’s Orbit
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

- Advertisement -

Latest News

US Banks Authorized To Hold Crypto For Blockchain Transaction Fees, OCC Reveals
Crypto
Half the Internet just broke: Cloudflare crash sparks global chaos
World News
Meta prevails in historic FTC antitrust case, won’t have to break off WhatsApp, Instagram
Business
Enterprise Ireland leads Irish Tech Delegation Targets Nordic Growth and VC Funding at Slush 2025
Tech News
France’s TotalEnergies accused of complicity in ‘civilian massacre’ in Mozambique
Business
Central Asia and South Caucasus forge stronger ties at Tashkent summit
World News
Here’s why the Nvidia stock price matters even if you don’t own it!
Business
Lost your password?