Ivanti has revealed that a critical security flaw affecting the Cloud Service Appliance (CSA) is being exploited in the wild.
The new vulnerability, assigned CVE ID CVE-2024-8963, has a CVSS score of 9.4 out of a maximum of 10.0. This was “incidentally resolved” by the company as part of CSA 4.6 Patch 519 and CSA 5.0.
“Path traversal in Ivanti CSA prior to 4.6 Patch 519 allows a remote, unauthenticated attacker to gain access to limited functionality,” the company said in Thursday’s advisory.
It also noted that the flaw may be chained with CVE-2024-8190 (CVSS score: 7.2), which allows an attacker to bypass administrator authentication and execute arbitrary commands on the device.
Ivanti also warned that it is “aware of a limited number of customers who have been exploited by this vulnerability,” days after it disclosed active attempts to exploit CVE-2024-8190.
This indicates that the threat actors behind this activity are chaining the two vulnerabilities to achieve code execution on vulnerable devices.
The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by October 10, 2024.
Users are strongly encouraged to upgrade to CSA version 5.0 as soon as possible, as version 4.6 has reached end of life and is no longer supported.