Ivanti Reports Exploitation Of Cloud Gateway Vulnerability
- by nlqip
The high-severity flaw in Ivanti’s Cloud Service Appliance (CSA) can be used to enable remote execution of code, the vendor says.
Ivanti said Friday that a previously disclosed vulnerability in its Cloud Service Appliance (CSA) gateway has now seen exploitation by threat actors.
As of Ivanti’s disclosure Friday, attacks exploiting the high-severity flaw had only impacted a “limited number” of CSA customers, the vendor said.
[Related: Network Security Devices Are The Front Door To An IT Environment, But Are They Under Lock And Key?]
The vulnerability (tracked at CVE-2024-8190) can be used to enable unauthenticated remote execution of code on affected appliances and affects CSA version 4.6, which is no longer supported by Ivanti.
In effect, that means the issue affects all versions of the appliance prior to patch 519, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which issued an advisory Friday on the vulnerability.
“At this time, Ivanti has confirmed limited exploitation and urges its customers using the affected versions to upgrade to CSA version 5.0,” the cybersecurity agency said in its advisory.
The OS command injection vulnerability was initially disclosed by Ivanti on Tuesday.
“Following public disclosure, Ivanti has confirmed exploitation of this vulnerability in the wild,” the vendor said. “At the time of this update, we are aware of a limited number of customers who have been exploited.”
CRN has reached out to Ivanti for further comment.
The vulnerability has received a severity rating of “high,” with its seriousness ranked at 7.2 out of 10.0.
In its advisory Friday, CISA noted that “a cyber threat actor could exploit this vulnerability to take control of an affected system.”
Ivanti CSA 4.6 is considered “end of life,” meaning that it “no longer receives patches for OS or third-party libraries.”
“Customers must upgrade to Ivanti CSA 5.0 for continued support,” the company said in its disclosure, noting that CSA 5.0 is the “only supported version” of the appliance.
Source link
lol
The high-severity flaw in Ivanti’s Cloud Service Appliance (CSA) can be used to enable remote execution of code, the vendor says. Ivanti said Friday that a previously disclosed vulnerability in its Cloud Service Appliance (CSA) gateway has now seen exploitation by threat actors. As of Ivanti’s disclosure Friday, attacks exploiting the high-severity flaw had only…
Recent Posts
- The 10 Hottest Semiconductor Startups Of 2024
- Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
- Healthcare Ransomware Attacks: How to Prevent and Respond Effectively | BlackFog
- Black Friday Versus The Bots
- Over 2,000 Palo Alto firewalls hacked using recently patched bugs