CyberSecurity updates
Updated: 2024-11-22 17:44:29 Pacific

ciso2ciso.com
Critical Vulnerability in Ivanti Cloud Service Appliance Actively Exploited - 7d

A critical vulnerability in Ivanti’s Cloud Service Appliance (CSA) has been actively exploited by attackers. The flaw, tracked as CVE-2024-8190, allows attackers to gain unauthorized access to sensitive data and execute arbitrary commands on vulnerable systems. The vulnerability exists in the CSA’s authentication mechanism and can be exploited by attackers who can send specially crafted requests to the CSA. This attack vector allows attackers to bypass the CSA’s security measures and gain access to the underlying operating system. The vulnerability has been exploited in the wild by a suspected nation-state adversary. There are strong indications that China is behind the attacks. Organizations using Ivanti CSA should prioritize patching the vulnerability immediately to reduce their risk of being compromised.

sec.cloudapps.cisco.com
Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication - 28d

Cisco has released its October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. This publication addresses multiple vulnerabilities within Cisco’s ASA, FMC, and FTD products, some of which are actively being exploited by attackers. These vulnerabilities, if left unpatched, could allow attackers to gain control of affected systems. CISA strongly encourages users and administrators to review the provided advisory and apply the necessary updates promptly to mitigate the risk of compromise.


This site is an experimental news aggregator using feeds I personally follow. You can reach me on Bluesky if you have feedback or comments.