Tech News

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

By Viral Trending Content 3 Min Read

Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence

Cloud Appliance Vulnerability

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.

The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.

“An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution,” Ivanti noted in an advisory released earlier this week. “The attacker must have admin level privileges to exploit this vulnerability.”

Cybersecurity

The flaw impacts Ivanti CSA 4.6, which has currently reached end-of-life status, requiring that customers upgrade to a supported version going forward. That said, it has been addressed in CSA 4.6 Patch 519.

“With the end-of-life status this is the last fix that Ivanti will backport for this version,” the Utah-based IT software company added. “Customers must upgrade to Ivanti CSA 5.0 for continued support.”

“CSA 5.0 is the only supported version and does not contain this vulnerability. Customers already running Ivanti CSA 5.0 do not need to take any additional action.”

On Friday, Ivanti updated its advisory to note that it observed confirmed exploitation of the flaw in the wild targeting a “limited number of customers.”

It did not reveal additional specifics related to the attacks or the identity of the threat actors weaponizing it, however, a number of other vulnerabilities in Ivanti products have been exploited as a zero-day by China-nexus cyberespionage groups.

Cybersecurity

The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the shortcoming to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by October 4, 2024.

The disclosure also comes as cybersecurity company Horizon3.ai posted a detailed technical analysis of a critical deserialization vulnerability (CVE-2024-29847, CVSS score: 10.0) impacting Endpoint Manager (EPM) that results in remote code execution.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

You Might Also Like

Google November Pixel Drop Adds 7 New Features

WIRED Roundup: Fandom in Politics, Zuckerberg’s Illegal School, and Nepal’s Discord Revolution

New Dungarvan & West Waterford Gift Card launched

Gemini 3 vs GPT-5 Pro: Coding, Math, Benchmarks & Creative Tests

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

TAGGED: , , , , , , , , ,
Share This Article
Previous Article This Digital Archivist Believes Hollywood’s ‘Competition Era’ Is Over
Next Article Tracking Investigations In Eric Adams’s Orbit
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

- Advertisement -

Latest News

Call of Duty: Black Ops 7’s Campaign is a Shocking New Low for the Genre
Gaming News
ETMarkets Smart Talk | With IPO valuations running hot, Aviva CIO sees better value in secondary markets
Business
Aave Labs Announces App Release On Apple’s Platform: Features And Expectations
Crypto
Shelters plea for Gazans as winter rains raise fears of more disease and death
World News
Ripple price forecast: Will XRP reclaim $2.5 soon?
Crypto
Google November Pixel Drop Adds 7 New Features
Tech News
EU countries should have ‘multiple’ security guarantees beyond Article 5, Kubilius says
World News
Lost your password?