Ivanti Releases Urgent Security Updates for CSA and Connect
Ivanti Releases Critical Security Updates for Cloud Services Application and Connect Secure
Ivanti has announced crucial security updates aimed at addressing multiple critical vulnerabilities in its Cloud Services Application (CSA) and Connect Secure products. These security flaws could potentially lead to privilege escalation and remote code execution, posing significant risks to users. To ensure your systems remain secure, it’s essential to take immediate action and update to the latest versions.
Overview of Critical Vulnerabilities in Ivanti Products
The vulnerabilities identified in Ivanti’s Cloud Services Application and Connect Secure products include several high-severity issues:
-
CVE-2024-11639 (CVSS score: 10.0): This authentication bypass vulnerability affects the admin web console of Ivanti CSA prior to version 5.0.3, allowing a remote unauthenticated attacker to gain administrative access.
-
CVE-2024-11772 (CVSS score: 9.1): A command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.3, which can enable a remote authenticated attacker with admin privileges to execute code remotely.
-
CVE-2024-11773 (CVSS score: 9.1): An SQL injection vulnerability in the admin web console of Ivanti CSA before version 5.0.3 that permits a remote authenticated attacker to execute arbitrary SQL statements.
-
CVE-2024-11633 (CVSS score: 9.1): This argument injection vulnerability in Ivanti Connect Secure prior to version 22.7R2.4 allows a remote authenticated attacker with admin privileges to execute code remotely.
-
CVE-2024-11634 (CVSS score: 9.1): A command injection vulnerability impacting both Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2, enabling remote authenticated attackers to gain code execution.
- CVE-2024-8540 (CVSS score: 8.8): An insecure permissions vulnerability in Ivanti Sentry before versions 9.20.2, 10.0.2, and 10.1.0 that allows local authenticated attackers to modify sensitive application components.
Recommended Versions to Mitigate Vulnerabilities
To protect against these vulnerabilities, Ivanti recommends updating to the following versions:
- Ivanti Cloud Services Application: Version 5.0.3 or later
- Ivanti Connect Secure: Version 22.7R2.4 or later
- Ivanti Policy Secure: Version 22.7R1.2 or later
- Ivanti Sentry: Versions 9.20.2, 10.0.2, or 10.1.0
While Ivanti has stated that it is not aware of active exploitation of these vulnerabilities at this time, users should remain vigilant. Several security flaws have previously been exploited by state-sponsored attackers for malicious activities, making timely updates crucial.
Stay Informed and Secure
For more insights on cybersecurity updates and practices, consider following us on Twitter and LinkedIn for exclusive content. Share your thoughts or experiences regarding these updates in the comments below!