Ivanti warns it has found another major security flaw in its systems

Image Credit: Shutterstock (Image credit: Shutterstock)

Ivanti finds 10/10 flaw in the Cloud Services Appliance
It allows hackers to gain administrative privileges
The bug was fixed in version 5.0.3, with users urged to update now

Ivanti is warning customers an older version of its Cloud Services Appliance (CSA) solution was found vulnerable to a maximum-severity (10/10) security vulnerability, and has urged them to upgrade to the newest version as soon as possible.

The critical flaw is described as an authentication bypass in the admin web console version CSA 5.0.2, and could allow remote, unauthenticated attackers to gain administrative privileges.

The bug, tracked as CVE-2024-11639, was given the maximum severity score since it does not require any user interaction to be abused, whatsoever.

No evidence of abuse - yet

"We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program," Ivanti noted, adding that a PoC was not yet published anywhere. "Currently, there is no known public exploitation of these vulnerabilities that could be used to provide a list of indicators of compromise."

If history is any teacher, though, critical CSA vulnerabilities end up getting exploited sooner or later.

In late September 2024, it was reported that a critical path traversal vulnerability in CSA was being actively exploited in the wild to grant access to restricted product functionalities. The bug was even added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. It was fixed with version 5.0.

Ivanti CSA is a platform that provides cloud-based solutions for security, automation, and operations. It integrates Ivanti’s various IT management capabilities into an all-encompassing cloud environment. The appliance allows businesses to streamline their IT operations, offering features such as endpoint management, patch management, software distribution, and vulnerability scanning in a cloud-based architecture.

Via BleepingComputer

Critical Ivanti Cloud Service Appliance flaw exploited in the wild
Here's a list of the best antivirus
These are the best endpoint protection tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.