Ivanti Releases Critical Patches for Cloud Services Appliance to Address Exploited Vulnerabilities

Ivanti has recently released patches to address three significant security vulnerabilities in its Cloud Services Appliance (CSA), which were being actively exploited. The CSA is an internet-facing appliance intended to provide secure communication.

The vulnerabilities, identified in versions earlier than 5.0.2, include an SQL injection (CVE-2024-9379), an OS command injection (CVE-2024-9381), and a path traversal issue (CVE-2024-9380).

These flaws, with CVSS scores ranging from 6.5 to 7.2, could allow attackers to escalate privileges, execute arbitrary commands, and bypass security controls. In some cases, these vulnerabilities were being exploited in combination with a previously identified flaw, CVE-2024-8963, which Ivanti had patched in September.

The SQL injection vulnerability (CVE-2024-9379) allows remote attackers to execute arbitrary SQL queries through the CSA admin console, potentially leading to elevated privileges. The OS command injection flaw (CVE-2024-9381) could enable remote code execution, while the path traversal issue (CVE-2024-9380) lets attackers bypass certain restrictions.

These vulnerabilities predominantly affect organizations running older versions of CSA, especially those on version 4.6 or earlier. While Ivanti has not reported active attacks in CSA 5.0, it strongly advises users to upgrade to version 5.0.2 to mitigate potential risks.

Ivanti’s advisory highlights that customers running the outdated CSA 4.6 patch 518 or earlier have already been exploited by attackers chaining these vulnerabilities with CVE-2024-8963. The company pointed out that CSA 4.6 is now end-of-life and will no longer receive security updates.

As a result, customers are urged to upgrade to the latest version, as using older versions increases the risk of exploitation. Even though there have been no confirmed active exploits in CSA 5.0, Ivanti recommends upgrading to 5.0.2 for enhanced security.
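The version guidance above, reduced to a triage routine for an appliance inventory, as an added example that is not Ivanti's own tooling. It assumes versions are recorded as "5.0.2" or "4.6 patch 518" style strings, and treats the thresholds exactly as the advisory states them: anything below 5.0.2 is vulnerable to the three CSA CVEs, and 4.6 patch 518 or earlier is additionally flagged as exploited in the wild in combination with CVE-2024-8963.

```python
import re

FIXED = (5, 0, 2)                       # first CSA release carrying the fixes
CSA_CVES = ("CVE-2024-9379", "CVE-2024-9380", "CVE-2024-9381")
CHAINED_WITH = "CVE-2024-8963"          # admin bypass patched in September

# Accepts "5.0.2", "5.0" or "4.6 patch 518"; the "patch N" form is an
# assumption about how 4.x builds appear in an asset inventory.
_VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)(?:\.(\d+))?(?:\s+patch\s+(\d+))?\s*$", re.I)


def parse_version(text):
    """Return (major, minor, build, patch); missing parts default to 0."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised CSA version string: {text!r}")
    return tuple(int(g) if g is not None else 0 for g in m.groups())


def triage(version_text):
    """Classify one appliance against the advisory thresholds in the article."""
    major, minor, build, patch = parse_version(version_text)
    if (major, minor, build) >= FIXED:
        return {"version": version_text, "status": "patched",
                "action": "none", "cves": ()}
    if (major, minor) <= (4, 6):
        # 4.6 patch 518 or earlier: exploitation already observed, chained
        # with CVE-2024-8963. The whole 4.6 line is end-of-life.
        exploited = (major, minor, patch) <= (4, 6, 518)
        return {"version": version_text,
                "status": "exploited-in-the-wild" if exploited else "vulnerable",
                "action": "upgrade to 5.0.2 now; 4.6 is end-of-life and gets no fixes",
                "cves": CSA_CVES + ((CHAINED_WITH,) if exploited else ())}
    # 5.0.x below 5.0.2: vulnerable, no confirmed exploitation reported
    return {"version": version_text, "status": "vulnerable",
            "action": "upgrade to 5.0.2", "cves": CSA_CVES}


def triage_inventory(versions):
    """Run triage over an inventory and return findings, worst first."""
    order = {"exploited-in-the-wild": 0, "vulnerable": 1, "patched": 2}
    return sorted((triage(v) for v in versions), key=lambda r: order[r["status"]])


if __name__ == "__main__":
    # constructed sample inventory, not real hosts
    for row in triage_inventory(["5.0.2", "5.0.1", "4.6 patch 518", "4.6 patch 519"]):
        print(f"{row['version']:<14} {row['status']:<22} {row['action']}")
```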

The rising number of breaches involving cloud-based systems is concerning. Currently, cloud breaches account for 45% of all data breaches, and nearly half of all businesses have reported experiencing some form of attack. This trend has prompted Ivanti to improve its internal testing and vulnerability scanning processes.

The company has also been working to streamline its vulnerability disclosure process to respond faster to emerging threats. As part of its commitment to security, Ivanti signed the CISA Secure by Design pledge in May, emphasizing its focus on building more secure products from the start.

Along with the vulnerabilities in CSA, Ivanti disclosed two additional flaws last month: CVE-2024-8963, an admin bypass vulnerability, and CVE-2024-8190, a command injection flaw. Both of these were added to CISA’s Known Exploited Vulnerabilities catalog, requiring federal agencies to address them by October 10.

In response to the growing number of security threats, Ivanti has made significant investments in Secure by Design initiatives and is actively working to strengthen its security practices. These efforts reflect Ivanti’s commitment to protecting its cloud services against evolving risks and ensuring customers are better protected against cyberattacks.