Vulnerability Management, Threat Intelligence

Another Ivanti CSA vulnerability leveraged in ongoing attacks

Share
A bug in the code. Error detection. Troubleshooting. Debugging, testing and code review. Determine the cause of equipment failure. Programming. Fault or glitch that causes software to malfunction

Attacks involving a recently addressed critical Ivanti Cloud Service Appliance path traversal flaw, tracked as CVE-2024-8963, were observed to have impacted some users, who could be at risk of having their appliances' restricted functionality remotely compromised, reports SecurityWeek.

Such a development comes less than a week after the confirmed exploitation of the high-severity operating system command injection bug in CSA, tracked as CVE-2024-8190, which was believed to have been used alongside another vulnerability due to its admin privilege requirement. "If CVE-2024-8963 is used in conjunction with CVE-2024-8190 an attacker can bypass admin authentication and execute arbitrary commands on the appliance," said Ivanti, which recommended the immediate application of CSA 4.6 Patch 519 and CSA 5.0 to remediate the issue. Active intrusions targeting vulnerable Ivanti CSA instances have also prompted the inclusion of CVE-2024-8963 to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies ordered to implement fixes by Oct. 10.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.