Ivanti Alerts Customers to New Vulnerabilities in Cloud Services Appliance
Ivanti has issued a notification regarding three newly identified vulnerabilities in its Cloud Services Appliance (CSA), emphasizing the significance of these issues due to their active exploitation in the wild. These vulnerabilities have surfaced amid ongoing concerns about the security of the platform.
According to the company, there is currently limited exploitation of the listed vulnerabilities—CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381. These are being utilized in conjunction with a previously disclosed zero-day vulnerability (CVE-2024-8963) that also affects the CSA.
The first vulnerability, CVE-2024-9379, has a CVSS rating of 6.5 and allows a remote authenticated attacker to execute SQL statements under certain conditions. The second, CVE-2024-9380, has a higher CVSS score of 7.2 and is an operating system command injection vulnerability. This flaw can potentially enable a remote authenticated attacker to achieve remote code execution with administrative privileges. Lastly, CVE-2024-9381 also has a CVSS score of 7.2 and is a path traversal vulnerability in CSA versions prior to 5.0 that allows authenticated attackers to bypass established restrictions.
These vulnerabilities were identified in systems operating on CSA version 4.6 patch 518 or earlier. Importantly, Ivanti has noted that no exploitation attempts have been detected in environments utilizing CSA 5.0.
In their advisory, Ivanti recommends that users thoroughly review their CSAs for any unauthorized modifications or additions to administrative accounts. They also advise scrutinizing Endpoint Detection and Response (EDR) alerts if such security measures are in place. Given that the CSA functions as an edge device, Ivanti emphasizes the importance of a multi-layered security approach, which includes the deployment of EDR solutions on the appliance.
For users who suspect their systems may have been compromised, a complete rebuild of the CSA using version 5.0 is strongly recommended to mitigate potential risks.
Source: www.darkreading.com