IT management solutions provider Ivanti confirmed that a high-severity flaw patched this week in an older version of its Cloud Service Appliance (CSA) has been exploited in attacks. The vulnerability was fixed as part of the company’s September security update, which also included patches for critical and high-severity flaws in other products.
Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.
The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.
“An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution,” Ivanti noted in an advisory released earlier this week. “The attacker must have admin level privileges to exploit this vulnerability.”
- The flaw impacts Ivanti CSA 4.6, which has currently reached end-of-life status, requiring that customers upgrade to a supported version going forward. That said, it has been addressed in CSA 4.6 Patch 519.
“With the end-of-life status this is the last fix that Ivanti will backport for this version,” the Utah-based IT software company added. “Customers must upgrade to Ivanti CSA 5.0 for continued support.”
“CSA 5.0 is the only supported version and does not contain this vulnerability. Customers already running Ivanti CSA 5.0 do not need to take any additional action.”
The company updated its advisory to note that it observed confirmed exploitation of the flaw in the wild targeting a “limited number of customers.”
