Vulnerability Management, Patch/Configuration Management, Threat Intelligence

Attacks leveraging Ivanti CSA vulnerability ongoing

Share
binary code and magnifying glass

Intrusions exploiting a recently addressed high-severity operating system command injection flaw in Ivanti Cloud Service Appliance, tracked as CVE-2024-8190, have already compromised a "limited number" of users, reports The Hacker News.

Additional details regarding the attacks and their perpetrators have not been provided but the vulnerability, which impacts Ivanti CSA 4.6 that has recently reached end-of-life, could be leveraged to enable remote code execution, according to Ivanti, which urged immediate upgrades to Ivanti CSA 5.0. Active attacks targeted at vulnerable Ivanti CSA instances have prompted the flaw's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the issue by October 4. Such a development comes amid a Horizon3.ai report detailing an already-patched maximum severity deserialization bug in Ivanti Endpoint Manager, tracked as CVE-2024-29847, which could also be leveraged to facilitate remote code execution.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.