FlagThis

References :

• www.fortinet.com: Fortinet researchers have observed active exploitation of the Ivanti vulnerabilities, suggesting a nation-state adversary may be behind the attacks.
• www.ivanti.com: This blog post from Ivanti provides details about the security updates released in October 2024, addressing vulnerabilities in their products.
• cyble.com: Weekly IT Vulnerability Report: Cyble Urges Fixes for Ivanti, Microsoft Dark Web Exploits
• Alerts: CISA adds the Ivanti CSA vulnerability CVE-2024-9380 to its Known Exploited Vulnerabilities Catalog, signifying its high risk to the federal enterprise.

Classification:

• HashTags: #Ivanti #CSA #Vulnerability #CyberSecurity #Patching
• Company: Ivanti
• Target: Ivanti CSA devices
• Product: Cloud Services Appliance (CSA)
• Feature: Secure Communication and Manag
• Malware: CVE-2024-9379, CVE-2024-9380, CVE-2024-9381
• Type: Vulnerability
• Severity: Critical