- Ivanti finds 10/10 flaw in the Cloud Services Appliance
- It allows hackers to gain administrative privileges
- The bug was fixed in version 5.0.3, with users urged to update now
Ivanti is warning customers an older version of its Cloud Services Appliance (CSA) solution was found vulnerable to a maximum-severity (10/10) security vulnerability, and has urged them to upgrade to the newest version as soon as possible.
The critical flaw is described as an authentication bypass in the admin web console version CSA 5.0.2, and could allow remote, unauthenticated attackers to gain administrative privileges.
The bug, tracked as CVE-2024-11639, was given the maximum severity score since it does not require any user interaction to be abused, whatsoever.
To address the flaw, users should upgrade their appliances to version 5.0.3 – but fortunately there is still no evidence of abuse in the wild.
No evidence of abuse – yet
“We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program,” Ivanti noted, adding that a PoC was not yet published anywhere. “Currently, there is no known public exploitation of these vulnerabilities that could be used to provide a list of indicators of compromise.”
If history is any teacher, though, critical CSA vulnerabilities end up getting exploited sooner or later.
In late September 2024, it was reported that a critical path traversal vulnerability in CSA was being actively exploited in the wild to grant access to restricted product functionalities. The bug was even added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. It was fixed with version 5.0.
Ivanti CSA is a platform that provides cloud-based solutions for security, automation, and operations. It integrates Ivanti’s various IT management capabilities into an all-encompassing cloud environment. The appliance allows businesses to streamline their IT operations, offering features such as endpoint management, patch management, software distribution, and vulnerability scanning in a cloud-based architecture.
Via BleepingComputer