Ivanti confirms attackers exploit CSA vulnerability CVE-2024-8190; CISA urges immediate action.

Ivanti confirmed that a serious vulnerability in its Cloud Service Appliance (CSA), identified as CVE-2024-8190, has been exploited by attackers. This OS command injection flaw affects versions prior to patch 519, including the unsupported CSA 4.6. Ivanti recommends users upgrade to version 5.0 for support. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory emphasizing the urgency of addressing this issue.

September 13, 2024
3 Articles

Further Reading