{"id":5338,"date":"2024-09-16T16:04:22","date_gmt":"2024-09-16T21:04:22","guid":{"rendered":"https:\/\/www.darkreading.com\/threat-intelligence\/ivanti-cloud-bug-exploit-alarms-raised"},"modified":"2024-09-16T16:04:22","modified_gmt":"2024-09-16T21:04:22","slug":"ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/09\/16\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised\/","title":{"rendered":"Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised"},"content":{"rendered":"<div class=\"media_block\"><a href=\"https:\/\/i0.wp.com\/eu-images.contentstack.com\/v3\/assets\/blt6d90778a997de1cd\/blt884a72199eb2fb4a\/66e88dded414e54a42bb51fe\/vulnerability1800_NicoElNino_alamy.jpg?ssl=1\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised.jpg?w=640&#038;ssl=1\" class=\"media_thumbnail\"><\/a><\/div>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Just days after <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/remote-workforce\/critical-ivanti-vtm-bug-unauthorized-admin-access\" rel=\"noopener\">Ivanti released an advisory<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> regarding a high-severity vulnerability in its Cloud Service Appliance (CSA), the company is alerting customers that the flaw is now being exploited in the wild.&nbsp;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Ivanti initially disclosed the vulnerability, tracked as CVE-2024-8190, on Sept. 10, warning customers that it could allow unauthorized access to their devices. With a CVSS score of 7.2 out of 10, the attacker must have administrator-level privileges in order to exploit the vulnerability.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">To remediate the bug, Ivanti recommended that users upgrade from Ivanti CSA 4.6 to CSA 5.0. In addition, CSA 4.6 Patch 518 customers can update to Patch 519, however, upgrading to CSA 5.0 remains the best option, the company noted.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">On Sept. 13,&nbsp;<\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US\" rel=\"noopener\">Ivanti updated its advisory<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">, making its customers aware that it knew of the active exploitation of the vulnerability.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;At the time of the September 13 update, exploitation of a limited number of customers has been confirmed following public disclosure,&#8221; said the advisory.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Users should update to the latest version of the appliance as soon as possible.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">If users find that they have been compromised before they can apply the recommended patch, according to the company, they can log a case or request a call through the <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/success.ivanti.com\/Community_RegStep1_Page?inst=UL\" rel=\"noopener\">Ivanti&nbsp;Success Portal<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">.<\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/ivanti-cloud-bug-exploit-alarms-raised\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Just days after Ivanti released an advisory regarding a high-severity<\/p>\n","protected":false},"author":12,"featured_media":5339,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-5338","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?fit=2560%2C1440&ssl=1",2560,1440,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?fit=1536%2C864&ssl=1",1536,864,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?fit=2048%2C1152&ssl=1",2048,1152,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/ivanti-cloud-bug-goes-under-exploit-after-alarms-are-raised-scaled.jpg?fit=2560%2C1440&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=5338"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5338\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/5339"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=5338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=5338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=5338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}