Read more: informationsecuritybuzz.com
A critical vulnerability, tracked as CVE-2024-8190, in Ivanti’s Cloud Service Appliance (CSA) version 4.6 has been actively exploited by attackers. This vulnerability allows for arbitrary code execution on the underlying operating system if an attacker gains administrative privileges, likely through weak passwords or brute-force attacks. Ivanti strongly recommends upgrading to CSA version 5.0 to mitigate this risk, as version 4.6 has reached end-of-life. This incident highlights the importance of timely software updates to address security vulnerabilities before they are exploited by malicious actors.