CyberSecurity updates
Updated: 2024-11-21 19:16:50 Pacfic

ciso2ciso.com
Critical Vulnerability in Ivanti Cloud Service Appliance Actively Exploited - 6d

A critical vulnerability in Ivanti’s Cloud Service Appliance (CSA) has been actively exploited by attackers. The flaw, tracked as CVE-2024-8190, allows attackers to gain unauthorized access to sensitive data and execute arbitrary commands on vulnerable systems. The vulnerability exists in the CSA’s authentication mechanism and can be exploited by attackers who can send specially crafted requests to the CSA. This attack vector allows attackers to bypass the CSA’s security measures and gain access to the underlying operating system. The vulnerability has been exploited in the wild by a suspected nation-state adversary. There are strong indications that China is behind the attacks. Organizations using Ivanti CSA should prioritize patching the vulnerability immediately to reduce their risk of being compromised.

cyble.com
Critical Vulnerabilities in Ivanti Cloud Services Appliance (CSA) - 5d

Three critical vulnerabilities, CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381, were found in Ivanti Cloud Services Appliance (CSA), a device facilitating secure communication and management of devices over the internet. CVE-2024-9379 is an SQL injection vulnerability, CVE-2024-9380 is an OS command injection flaw, and CVE-2024-9381 is a path traversal vulnerability. These vulnerabilities allow a remote authenticated attacker with admin privileges to execute arbitrary commands and bypass restrictions, potentially leading to a complete compromise of the CSA. Active exploitation of these vulnerabilities has been confirmed, and security teams are urged to prioritize patching.


This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.