Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability, tracked as CVE-2024-8963 (CVSS score of 9.4), actively exploited in attacks in the wild against a limited number of customers. The vulnerability is a path traversal security issue.

A remote unauthenticated attacker could exploit the vulnerability to access restricted functionality. An attacker could chain the issue with the recently disclosed flaw CVE-2024-8190 to bypass admin authentication and execute arbitrary commands on the appliance.
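The flaw is described only as a path traversal issue, so the following is an added example of that vulnerability class in general, not code from Ivanti or from the CSA appliance. It places a naive resolver (the pattern that lets a request escape the directory it is meant to be confined to) next to a hardened one that decodes, normalises and then proves the result stays under the allowed root. The root directory, file names and sample requests are constructed for illustration.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Constructed example: the directory a request handler is allowed to serve from.
# The path and file names are hypothetical, not Ivanti CSA internals.
RESTRICTED_ROOT = "/opt/app/public"


def resolve_naive(root: str, requested: str) -> str:
    """Vulnerable pattern: trusts the request path after a cosmetic clean-up.

    normpath collapses the '..' segments, so a request such as
    '../../etc/passwd' silently resolves to a file outside `root`.
    """
    return posixpath.normpath(posixpath.join(root, requested.lstrip("/")))


def resolve_confined(root: str, requested: str) -> Optional[str]:
    """Hardened resolver: decode, normalise, then prove the result stays under root.

    Returns the absolute path when it lies inside `root`, or None when the
    request would escape (the caller should then reject and log the request).
    """
    # Decode percent-encoding once. A second encoding layer (e.g. %252e) is a
    # common evasion, so refuse anything that still contains '%' afterwards,
    # and refuse embedded NUL bytes, which truncate paths in some C APIs.
    decoded = unquote(requested)
    if "%" in decoded or "\x00" in decoded:
        return None
    # Treat the request as relative to root regardless of a leading slash, and
    # fold backslashes, which some servers accept as path separators.
    relative = decoded.replace("\\", "/").lstrip("/")
    candidate = posixpath.normpath(posixpath.join(root, relative))
    root_norm = posixpath.normpath(root)
    # Containment check: the candidate must be root itself or a descendant of it.
    if candidate != root_norm and not candidate.startswith(root_norm + "/"):
        return None
    return candidate


def is_traversal_attempt(root: str, requested: str) -> bool:
    """True when the confined resolver refuses the request, i.e. it would leave root."""
    return resolve_confined(root, requested) is None


if __name__ == "__main__":
    # Constructed sample requests: two benign, three traversal attempts.
    for req in ["index.html", "css/site.css", "../../etc/passwd",
                "%2e%2e/%2e%2e/etc/passwd", "..%252f..%252fetc/passwd"]:
        print(f"{req!r:32} naive={resolve_naive(RESTRICTED_ROOT, req)!r:40} "
              f"confined={resolve_confined(RESTRICTED_ROOT, req)!r}")
```

The containment test compares normalised absolute paths rather than looking for the literal string `..`, which is why the encoded variants are caught as well: the decision is made on where the path actually ends up, not on how it was spelled. In a real handler the `None` result is the signal to return an error and to record the raw request for detection purposes.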
“Ivanti is disclosing a critical vulnerability in Ivanti CSA 4.6 which was incidentally addressed in the patch released on 10 September (CSA 4.6 Patch 519). Successful exploitation could allow a remote unauthenticated attacker to access restricted functionality,” reads the advisory. “If CVE-2024-8963 is used in conjunction with CVE-2024-8190 an attacker can bypass admin authentication and execute arbitrary commands on the appliance.”
The company notes that CSA 4.6 is End-of-Life and no longer receives updates for the OS or third-party libraries. Customers must upgrade to Ivanti CSA 5.0 for continued support; that version is not affected by this vulnerability.
Pierluigi Paganini

(SecurityAffairs – hacking, Cloud Services Appliance)