#IvantiAdvisory

Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised

by

September 16, 2024 at 05:20PM Ivanti alerted customers about the active exploitation of a high-severity vulnerability (CVE-2024-8190) in its Cloud Service Appliance (CSA). The company recommended upgrading to CSA 5.0 to remediate the bug, warning that unauthorized access is possible with a CVSS score of 7.2. Users are urged to update to the latest version … Read more

Ivanti warns of critical vTM auth bypass with public exploit

by

August 13, 2024 at 11:31AM Ivanti urged customers to patch critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances. The flaw, tracked as CVE-2024-7593, allows remote unauthenticated attackers to create rogue administrator accounts. Ivanti advises restricting access to vTM management interface and upgrading to the latest patched versions to mitigate the risk. Key … Read more