Ivanti: Three More Cloud Gateway Vulnerabilities Are Being Exploited
The vendor disclosed that some customers have been attacked through exploitation of the newly discovered flaws in its Cloud Service Appliance.
Ivanti disclosed Tuesday that some customers have been attacked through exploitation of three newly discovered vulnerabilities in its Cloud Service Appliance (CSA) gateway.
The vendor said the flaws have been exploited in conjunction with a CSA vulnerability previously disclosed in September.
Ivanti said the vulnerabilities were discovered as the company has “intensified our internal scanning, manual exploitation and testing capabilities” in recent months. The flaws are tracked with the identifiers CVE-2024-9379, CVE-2024-9380 and CVE-2024-9381.
The recently discovered flaws affect CSA version 4.6, which is no longer supported by Ivanti.
As with the previous vulnerability, the newly discovered CSA flaws impact all versions of the appliance prior to Ivanti’s Sept. 10 update, known as patch 519.
The vulnerabilities can be exploited when chained with a critical-severity CSA flaw (tracked as CVE-2024-8963) that was disclosed by Ivanti on Sept. 19.
“We are aware of a limited number of customers running CSA 4.6 patch 518 and prior who have been exploited when [the newly discovered vulnerabilities] are chained with CVE-2024-8963,” the vendor said in its security advisory Tuesday.
CRN has reached out to Ivanti for further comment.