Actively exploited vulnerability

CVE-2024-8963: Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability

Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.

CISA KEV source 19 Sep 2024 added 10 Oct 2024 remediation due

Affected product

Ivanti ยท Cloud Services Appliance (CSA)

Known ransomware use: Unknown

Required action

Follow the source advisory and validate exposure in your environment.

As Ivanti CSA has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line of supported solutions, as future vulnerabilities on the 4.6.x version of CSA are unlikely to receive security updates.

Related Yasna coverage

Recent reporting that mentions CVE-2024-8963.

Dark Reading10 Oct 2024

3 More Ivanti Cloud Vulns Exploited in the Wild

The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor's Cloud Services Appliance (CSA).