Ivanti has issued essential software program updates to deal with a number of extreme vulnerabilities in its Cloud Companies Software (CSA).
These vulnerabilities tracked as CVE-2024-11639, CVE-2024-11772, and CVE-2024-11773, have an effect on CSA variations 5.0.2 and earlier.
With out mitigation, these flaws might enable malicious attackers to bypass authentication, execute distant code, and manipulate databases, posing vital dangers to organizations counting on CSA for endpoint administration.
Vulnerability Particulars
CVE-2024-11639: Authentication Bypass
This essential vulnerability has been assigned a CVSS rating of 10.0. It permits an unauthenticated attacker to bypass authentication mechanisms within the admin net console of CSA.
Exploiting this flaw grants the attacker full administrative entry, doubtlessly enabling them to take full management of the system. The vulnerability is especially harmful as a result of it doesn’t require any prior privileges or person interplay.
Leveraging 2024 MITRE ATT&CK Outcomes for SME & MSP Cybersecurity Leaders – Attend Free Webinar
CVE-2024-11772: Command Injection
With a CVSS rating of 9.1, this vulnerability impacts directors who have already got elevated privileges on the CSA console.
It permits an attacker to execute arbitrary instructions remotely through command injection, doubtlessly resulting in distant code execution.
Whereas this flaw requires authenticated entry, exploiting it might lead to severe harm to system integrity and performance.
CVE-2024-11773: SQL Injection
This essential vulnerability additionally rated 9.1 on the CVSS scale, allows attackers with admin privileges to carry out SQL injection on the system.
By exploiting this flaw, malicious actors can execute arbitrary SQL queries, which can compromise the confidentiality, integrity, or availability of the system’s databases.
This might lead to unauthorized entry to delicate info or disruption of database operations.
Affected Variations
The next desk outlines the impacted and resolved variations of CSA:
| Product | Impacted Model(s) | Resolved Model | Patch Availability |
| Ivanti Cloud Companies Software | 5.0.2 and earlier | 5.0.3 | Out there on the Ivanti Obtain Portal |
Ivanti strongly advises all clients utilizing CSA 5.0.2 or earlier to improve to model 5.0.3 instantly.
The patched model is obtainable for obtain from the Ivanti Obtain Portal. Clients can check with the documentation titled “Get Began with the Ivanti Cloud Service Software 5.0 for Endpoint Supervisor” for detailed directions on the improve course of.
Ivanti said that, as of the disclosure date, there is no such thing as a identified proof that these vulnerabilities have been exploited within the wild.
Nevertheless, given the essential nature of CVE-2024-11639, which permits unauthenticated administrative entry, the potential for exploitation stays excessive.
Organizations ought to prioritize this replace to safeguard their techniques and stop potential unauthorized entry or information breaches.
These vulnerabilities underscore the significance of well timed patch administration and proactive safety measures.
Ivanti’s fast response in addressing these points highlights its dedication to defending clients. Customers are urged to behave instantly to make sure their techniques stay safe.
Examine Actual-World Malicious Hyperlinks,Malware & Phishing Assaults With ANY.RUN - Attempt for Free