A critical vulnerability (CVE-2024-8190) in Ivanti’s Cloud Services Appliance (CSA) has been actively exploited by malicious actors. This vulnerability allows attackers to gain unauthorized access and control of affected systems via OS command injection. The flaw specifically impacts older versions of CSA, including 4.6 (all versions before patch 519). The use of older versions of products can cause a lot of problems, as attackers can utilize old exploits against vulnerable products and systems. The urgency of this situation highlights the need for organizations to update their CSA software to the latest patched version or, if they have versions older than CSA 5.0, to consider adopting a newer product which has been properly secured. CISA advises that affected users immediately upgrade to CSA version 5.0, or a newer version.
The Cybersecurity and Infrastructure Security Agency (CISA) has added multiple vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, reflecting a surge in attacks targeting critical systems. These include vulnerabilities in Apache HugeGraph-Server (CVE-2024-27348) and Ivanti Cloud Service Appliance (CVE-2024-8963). Organizations are urged to prioritize patching these vulnerabilities to mitigate the risk of exploitation. The growing number of vulnerabilities being actively exploited underscores the importance of maintaining up-to-date security measures to protect systems from attackers who are actively scanning the internet for vulnerable systems.