Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised

  /     /     /  
Publicated : 23/11/2024   Category : security

Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised


Three days after Ivanti published an advisory about the high-severity vulnerability CVE-2024-8190, threat actors began to abuse the flaw.


Just days after
Ivanti released an advisory
regarding a high-severity vulnerability in its Cloud Service Appliance (CSA), the company is alerting customers that the flaw is now being exploited in the wild. 
Ivanti initially disclosed the vulnerability, tracked as CVE-2024-8190, on Sept. 10, warning customers that it could allow unauthorized access to their devices. With a CVSS score of 7.2 out of 10, the attacker must have administrator-level privileges in order to exploit the vulnerability.
To remediate the bug, Ivanti recommended that users upgrade from Ivanti CSA 4.6 to CSA 5.0. In addition, CSA 4.6 Patch 518 customers can update to Patch 519, however, upgrading to CSA 5.0 remains the best option, the company noted.
On Sept. 13, 
Ivanti updated its advisory
, making its customers aware that it knew of the active exploitation of the vulnerability.
At the time of the September 13 update, exploitation of a limited number of customers has been confirmed following public disclosure, said the advisory.
Users should update to the latest version of the appliance as soon as possible.
If users find that they have been compromised before they can apply the recommended patch, according to the company, they can log a case or request a call through the
Ivanti Success Portal
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised