December 10, 2024 at 10:12PM
Ivanti has issued security updates for critical vulnerabilities in its Cloud Services Application and Connect Secure products, including flaws that allow privilege escalation and remote code execution. Users are urged to update to the latest versions: although Ivanti is not aware of any current attacks, exploitation of these flaws remains a concern.
**Meeting Takeaways – Dec 11, 2024**
**Participants:** Ravie Lakshmanan
**Subject:** Vulnerability / Network Security
**Key Points:**
1. **Security Updates Released by Ivanti:**
– Ivanti has issued critical security updates for its Cloud Services Application (CSA) and Connect Secure to address multiple vulnerabilities.
2. **Vulnerabilities Identified:**
– **CVE-2024-11639** (CVSS 10.0): Authentication bypass in admin console of CSA allowing remote unauthenticated access.
– **CVE-2024-11772** (CVSS 9.1): Command injection in the CSA admin console, exploitable by a remote authenticated attacker with admin privileges.
– **CVE-2024-11773** (CVSS 9.1): SQL injection in the CSA admin console, exploitable by a remote authenticated attacker with admin privileges.
– **CVE-2024-11633** (CVSS 9.1): Argument injection in Connect Secure allowing a remote authenticated attacker with admin privileges to achieve code execution.
– **CVE-2024-11634** (CVSS 9.1): Command injection in Connect Secure and Policy Secure allowing a remote authenticated attacker with admin privileges to achieve code execution.
– **CVE-2024-8540** (CVSS 8.8): Insecure permissions in Sentry allowing local authenticated attackers to alter sensitive components.
3. **Fixed Versions for Vulnerabilities:**
– **Ivanti Cloud Services Application:** 5.0.3
– **Ivanti Connect Secure:** 22.7R2.4
– **Ivanti Policy Secure:** 22.7R1.2
– **Ivanti Sentry:** 9.20.2, 10.0.2, 10.1.0
4. **Urgency for Users:**
– While no active exploitation of these vulnerabilities has been reported, Ivanti advises users to act swiftly due to past instances of state-sponsored attacks exploiting similar flaws.
**Action Items:**
– Ensure that all relevant Ivanti products are updated to the patched versions to mitigate risks associated with identified vulnerabilities.