Ivanti disclosed that a critical security flaw affecting Cloud Service Appliance (CSA) is currently being actively exploited by malicious actors.
The newly identified vulnerability, known as CVE-2024-8963, has been rated with a CVSS score of 9.4 out of 10.0. The issue was addressed by the company in CSA 4.6 Patch 519 and CSA 5.0.
“Ivanti CSA is vulnerable to Path Traversal prior to version 4.6 Patch 519, allowing unauthorized remote attackers to access restricted functions,” the company stated in a bulletin released on Thursday.
It was also noted that this flaw could be combined with CVE-2024-8190 (CVSS score: 7.2), enabling attackers to bypass admin authentication and run arbitrary commands on the appliance.
Ivanti has also alerted that a few customers have fallen victim to this vulnerability, following the disclosure of active exploitation attempts targeting CVE-2024-8190.
This suggests that threat actors are exploiting both vulnerabilities to execute code on vulnerable devices.
This development prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert and include the vulnerability in its Known Exploited Vulnerabilities (KEV) catalog, mandating federal agencies to apply fixes by October 10, 2024.
Users are strongly advised to update to CSA version 5.0 promptly, as version 4.6 is no longer supported.
