Ivanti Patches Critical Flaws in Connect Secure, Cloud Services Application

December 11, 2024 at 06:19AM

Ivanti announced patches for 11 vulnerabilities, including five critical-severity bugs affecting Cloud Services Application, Connect Secure, and Policy Secure. Notably, CVE-2024-11639, with a CVSS score of 10, allows authentication bypass. Users are urged to update their systems. No evidence of exploitation has been reported.

### Key Takeaways

1. **Ivanti Vulnerability Patches:**
– Ivanti announced patches for **11 vulnerabilities** across its products, including **five critical-severity vulnerabilities**.

2. **Critical Vulnerabilities:**
– The most severe vulnerability is **CVE-2024-11639** (CVSS score of **10/10**), an authentication bypass in the **Cloud Services Application (CSA)**, allowing remote, unauthenticated access to the administrator web console.
– Two additional critical vulnerabilities in CSA:
  – **CVE-2024-11772** (Command Injection, CVSS score **9.1**)
  – **CVE-2024-11773** (SQL Injection, CVSS score **9.1**)
– Users are advised to upgrade to **CSA version 5.0.3** to mitigate these risks.

3. **Connect Secure (ICS) and Ivanti Policy Secure (IPS):**
– Two critical vulnerabilities (**CVE-2024-11633** and **CVE-2024-11634**, CVSS score **9.1**) allow for remote code execution through argument injection and command injection.
– Updates are available in **ICS version 22.7R2.4** and **IPS version 22.7R1.2**.

4. **High-Severity Vulnerabilities in Other Products:**
– High-severity issues in **Sentry**, **Desktop and Server Management (DSM)**, and **Patch SDK** could permit attackers to modify sensitive components or delete files (tracked as **CVE-2024-10256**).
– This flaw also affects several other products including **Endpoint Manager (EPM)** and **Security Controls**.

5. **Exploitation Status:**
– Ivanti stated there is no evidence of these vulnerabilities being exploited in the wild.

6. **Additional Information:**
– For more comprehensive details, refer to Ivanti’s December security update post.

### Immediate Action:
– Users of Ivanti products should **update their appliances** and software to the latest versions to address these vulnerabilities promptly.
