Ivanti warns it has found another major security flaw in its systems
Critical 10/10 flaw could allow crooks system access without user interaction
- Ivanti finds 10/10 flaw in the Cloud Services Appliance
- It allows hackers to gain administrative privileges
- The bug was fixed in version 5.0.3, with users urged to update now
Ivanti is warning customers an older version of its Cloud Services Appliance (CSA) solution was found vulnerable to a maximum-severity (10/10) security vulnerability, and has urged them to upgrade to the newest version as soon as possible.
The critical flaw is described as an authentication bypass in the admin web console version CSA 5.0.2, and could allow remote, unauthenticated attackers to gain administrative privileges.
The bug, tracked as CVE-2024-11639, was given the maximum severity score since it does not require any user interaction to be abused, whatsoever.
To address the flaw, users should upgrade their appliances to version 5.0.3 - but fortunately there is still no evidence of abuse in the wild.
No evidence of abuse - yet
"We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program," Ivanti noted, adding that a PoC was not yet published anywhere. "Currently, there is no known public exploitation of these vulnerabilities that could be used to provide a list of indicators of compromise."
If history is any teacher, though, critical CSA vulnerabilities end up getting exploited sooner or later.
In late September 2024, it was reported that a critical path traversal vulnerability in CSA was being actively exploited in the wild to grant access to restricted product functionalities. The bug was even added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. It was fixed with version 5.0.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Ivanti CSA is a platform that provides cloud-based solutions for security, automation, and operations. It integrates Ivanti’s various IT management capabilities into an all-encompassing cloud environment. The appliance allows businesses to streamline their IT operations, offering features such as endpoint management, patch management, software distribution, and vulnerability scanning in a cloud-based architecture.
Via BleepingComputer
You might also like
- Critical Ivanti Cloud Service Appliance flaw exploited in the wild
- Here's a list of the best antivirus
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.