Attacks involving a recently addressed critical Ivanti Cloud Service Appliance path traversal flaw, tracked as CVE-2024-8963, were observed to have impacted some users, who could be at risk of having their appliances' restricted functionality remotely compromised, reports SecurityWeek.
Such a development comes less than a week after the confirmed exploitation of the high-severity operating system command injection bug in CSA, tracked as CVE-2024-8190, which was believed to have been used alongside another vulnerability due to its admin privilege requirement. "If CVE-2024-8963 is used in conjunction with CVE-2024-8190 an attacker can bypass admin authentication and execute arbitrary commands on the appliance," said Ivanti, which recommended the immediate application of CSA 4.6 Patch 519 and CSA 5.0 to remediate the issue. Active intrusions targeting vulnerable Ivanti CSA instances have also prompted the inclusion of CVE-2024-8963 to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies ordered to implement fixes by Oct. 10.