CyberSecurity news
FlagThis
@thecyberexpress.com
//
US cybersecurity agencies, CISA and the FBI, have issued warnings regarding the active exploitation of four critical vulnerabilities within Ivanti Cloud Service Appliances (CSA). These flaws, designated as CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380, are being leveraged by Chinese state-sponsored actors to breach vulnerable networks. The agencies released detailed technical information, including indicators of compromise (IOCs), highlighting that attackers are using two primary exploit chains to gain unauthorized access, execute arbitrary code, and implant webshells on victim systems.
Specifically, one exploit chain combines CVE-2024-8963, CVE-2024-8190, and CVE-2024-9380, while the other uses CVE-2024-8963 along with CVE-2024-9379. These vulnerabilities affect Ivanti CSA versions 4.6x before 519, and versions 5.0.1 and below for CVE-2024-9379 and CVE-2024-9380. Notably, CSA version 4.6 is end-of-life and does not receive security patches, making it particularly susceptible. The agencies urge organizations to apply patches promptly and implement robust security measures to defend against these active threats, further highlighting the speed at which disclosed vulnerabilities are weaponized.
ImgSrc: thecyberexpress
References :
Specifically, one exploit chain combines CVE-2024-8963, CVE-2024-8190, and CVE-2024-9380, while the other uses CVE-2024-8963 along with CVE-2024-9379. These vulnerabilities affect Ivanti CSA versions 4.6x before 519, and versions 5.0.1 and below for CVE-2024-9379 and CVE-2024-9380. Notably, CSA version 4.6 is end-of-life and does not receive security patches, making it particularly susceptible. The agencies urge organizations to apply patches promptly and implement robust security measures to defend against these active threats, further highlighting the speed at which disclosed vulnerabilities are weaponized.
ImgSrc: thecyberexpress
Share:
References :
- ciso2ciso.com: FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know
- Pyrzout :vm:: Four Critical Ivanti CSA Vulnerabilities Exploited—CISA and FBI Urge Mitigation
- www.bleepingcomputer.com: CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks.
- thecyberexpress.com: Four Critical Ivanti CSA Vulnerabilities Exploited—CISA and FBI Urge Mitigation
- www.helpnetsecurity.com: Report on Cisco's fixes for ClamAV vulnerability and a critical Meeting Management flaw.
- www.scworld.com: Ivanti CSA exploit chains examined in joint CISA, FBI advisory
- : CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
- ciso2ciso.com: FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know – Source: www.securityweek.com
- Pyrzout :vm:: Anatomy of an Exploit Chain: CISA, FBI Detail Ivanti CSA Attacks – Source:cyble.com #'Cyber
- securityonline.info: CISA and FBI Warn of Exploited Ivanti CSA Vulnerabilities in Joint Security Advisory
- securityonline.info: CISA and FBI Warn of Exploited Ivanti CSA Vulnerabilities in Joint Security Advisory
- ciso2ciso.com: Anatomy of an Exploit Chain: CISA, FBI Detail Ivanti CSA Attacks
Classification:
- HashTags: #Ivanti #Vulnerability #Exploit
- Company: Ivanti
- Target: Ivanti CSA Users
- Product: CSA
- Feature: Exploit Chain
- Type: Vulnerability
- Severity: Critical