September 20, 2024 at 01:33AM
Ivanti disclosed active exploitation of a critical security flaw in Cloud Service Appliance (CSA), with remote unauthenticated attacker access. The vulnerability, CVE-2024-8963, carries a CVSS score of 9.4 and can be combined with CVE-2024-8190 for arbitrary command execution. CSA 4.6 Patch 519 and CSA 5.0 address the issue. CISA has added it to Known Exploited Vulnerabilities catalog, requiring fixes by October 10, 2024.
Key takeaways from the meeting notes:
– Ivanti has disclosed a critical security flaw (CVE-2024-8963) impacting Cloud Service Appliance (CSA) that is actively being exploited in the wild.
– The vulnerability carries a CVSS score of 9.4 and was addressed in CSA 4.6 Patch 519 and CSA 5.0.
– The flaw allows a remote unauthenticated attacker to access restricted functionality and can be chained with CVE-2024-8190 to bypass admin authentication and execute arbitrary commands.
– Ivanti is aware of a limited number of customers who have been exploited by this vulnerability.
– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by October 10, 2024.
– Users are strongly recommended to upgrade to CSA version 5.0 as version 4.6 is end-of-life and no longer supported.