{"id":5309,"date":"2024-09-13T14:51:33","date_gmt":"2024-09-13T19:51:33","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=81744"},"modified":"2024-09-13T14:51:33","modified_gmt":"2024-09-13T19:51:33","slug":"cisa-warns-of-hackers-exploiting-bug-for-end-of-life-ivanti-product","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/09\/13\/cisa-warns-of-hackers-exploiting-bug-for-end-of-life-ivanti-product\/","title":{"rendered":"CISA warns of hackers exploiting bug for end-of-life Ivanti product"},"content":{"rendered":"<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \">\n<div class=\"single-article__header-content\">\n<p> Ivanti&#8217;s Cloud Service Appliance has a &#8220;high severity vulnerability&#8221; being exploited in the wild. <\/p>\n<\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"360\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/cisa-warns-of-hackers-exploiting-bug-for-end-of-life-ivanti-product.jpg?resize=640%2C360&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\">\n<p>An end-of-life version of Ivanti\u2019s cloud IT service management software has a recently disclosed vulnerability that the Cybersecurity and Infrastructure Security Agency says is being exploited.<\/p>\n<p>CISA <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2024\/09\/13\/ivanti-releases-security-update-cloud-services-appliance\">warned that organizations<\/a> outfitted with Ivanti\u2019s Cloud Service Appliance version 4.6 and below are being targeted by hackers, and the bug has been added to the known exploited vulnerabilities (KEV) list. 
The Utah-based company said on Friday that a <a href=\"https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US\">\u201climited number of customers\u201d<\/a> have confirmed exploitation but did not provide further details.<\/p>\n<p>The patch for the bug is the last to be backported to the end-of-life version, Ivanti said, so organizations should update to CSA 5.0 for further security updates. The bug \u2014 <a href=\"https:\/\/www.cisa.gov\/resources-tools\/resources\/secure-design-alert-eliminating-os-command-injection-vulnerabilities\">an OS command injection vulnerability<\/a> \u2014 allows a hacker with admin rights in the software to achieve remote code execution on the device.<\/p>\n<p>\u201cCSA 5.0 is the only supported version and does not contain this vulnerability,\u201d Ivanti noted. 
Ivanti also said \u201cCSA configurations should be dual-homed with eth0 as an internal network.\u201d<\/p>\n<p>The vulnerability \u2014 <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-8190\">CVE-2024-8190<\/a> \u2014 was first disclosed publicly Sept. 10, and at the time there were no known public exploits. To find evidence of compromise, Ivanti suggests reviewing the CSA for new admin users.<\/p>\n<p>Federal civilian agencies are required to mitigate the vulnerability within 60 days of its addition to the KEV list.<\/p>\n<footer class=\"single-article__footer\">\n<div class=\"author-card\">\n<h4 class=\"author-card__name\">Written by Christian Vasquez<\/h4>\n<p> Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&amp;E News at POLITICO covering cybersecurity in the energy sector. 
Reach out:&nbsp; christian.vasquez at cyberscoop dot com <\/p>\n<\/div>\n<\/footer>\n<\/div>\n<\/div>\n<\/div>\n<\/article>\n<p><a href=\"https:\/\/cyberscoop.com\/ivanti-vulnerability-cisa-kev\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Skip to main content Advertisement Advertisement Voting is open 
for<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[78,452,293,117,1394,1766,288,2281],"tags":[86,454,299,119,1395,1771,294,2283],"class_list":["post-5309","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-cybersecurity-and-infrastructure-security-agency-cisa","category-department-of-homeland-security-dhs","category-government","category-ivanti","category-known-exploited-vulnerabilities-kev","category-threats","category-vulnerability","tag-cybersecurity","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-department-of-homeland-security-dhs","tag-government","tag-ivanti","tag-known-exploited-vulnerabilities-kev","tag-threats","tag-vulnerability"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ivanti\/\" rel=\"category tag\">Ivanti<\/a> <a 
href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/known-exploited-vulnerabilities-kev\/\" rel=\"category tag\">known exploited vulnerabilities (KEV)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability\/\" rel=\"category tag\">vulnerability<\/a>","tag_info":"vulnerability","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5309","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=5309"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5309\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=5309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=5309"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=5309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}