Ivanti warned that a newly patched vulnerability, tracked as CVE-2024-8190 (CVSS score of 7.2), in its Cloud Service Appliance (CSA) is being actively exploited. <\/p>\n\n\n\n
“Following public disclosure, Ivanti has confirmed exploitation of this vulnerability in the wild. At the time of this update, we are aware of a limited number of customers who have been exploited.” reads the update<\/a> provided by the company on September 13, 2024.<\/em><\/p>\n\n\n\n
“An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.” reads the advisory<\/a>.\u00a0<\/em><\/p>\n\n\n\n
Ivanti released a security update for Ivanti CSA 4.6 to address the vulnerability. <\/p>\n\n\n\n
The company note that CSA 4.6 is End-of-Life<\/a>, and no longer receives updates for OS or third-party libraries. Customers must upgrade to Ivanti CSA 5.0 for continued support, this version is not impacted by this vulnerability. \u00a0
Recently cybersecurity firm Horizon3.ai published a technical analysis<\/a> of an Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data issue, tracked as CVE-2024-29847, that could allow remote code execution.<\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/strong><\/a><\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, Cloud Service Appliance)\u00a0<\/strong><\/p>\n\n\n\n