Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2024/09/20 4:18 a.m.36 views

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance CSA has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the...

9.4CVSS8.7AI score0.98557EPSS
Exploits3
Schneier on Security
Schneier on Security
added 2024/09/16 2:49 p.m.8 views

Legacy Ivanti Cloud Service Appliance Being Exploited

CISA wants everyone--and government agencies in particular--to remove or upgrade an Ivanti Cloud Service Appliance CSA that is no longer being supported. Welcome to the security nightmare that is the Internet of Things...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 6:30 a.m.43 views

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager EPM, including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows - CVE-2024-29847 CVSS score: 10.0 - A deserialization of...

10CVSS9.1AI score0.88955EPSS
Exploits4
Ivanti
Ivanti
added 2024/09/10 2:0 p.m.14 views

Security Advisory Ivanti Cloud Service Appliance (CSA) (CVE-2024-8190)

Summary Ivanti has released a security update for Ivanti CSA 4.6 which addresses a high severity vulnerability. Successful exploitation could lead to unauthorized access to the device running the CSA. Dual-homed CSA configurations with eth0 as an internal network, as recommended by Ivanti, are at...

7.2CVSS9.3AI score0.88955EPSS
Exploits2
CISA KEV Catalog
CISA KEV Catalog
added 2024/03/25 12:0 a.m.34 views

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability

Ivanti Endpoint Manager Cloud Service Appliance EPM CSA contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions nobody...

9.8CVSS8AI score0.99105EPSS
In wildExploits9
VulnCheck KEV
VulnCheck KEV
added 2024/02/29 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-44529

Ivanti Endpoint Manager Cloud Service Appliance EPM CSA contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions nobody...

9.8CVSS7.6AI score0.99105EPSS
Exploits9References1
Packet Storm
Packet Storm
added 2022/03/21 12:0 a.m.325 views

Ivanti Endpoint Manager CSA 4.5 / 4.6 Remote Code Execution

Exploit Title: Ivanti Endpoint Manager - Cloud Service Appliance Unauthenticated Remote Code Execution Date: 20/03/2022 Exploit Author: d7x Vendor Homepage: https://www.ivanti.com/ Software Link: https://forums.ivanti.com/s/article/Customer-Update-Cloud-Service-Appliance-4-6 Version: CSA 4.6 4.5 ...

9.8CVSS0.7AI score0.99105EPSS
Exploits9
Positive Technologies
Positive Technologies
added 2021/08/12 12:0 a.m.4 views

PT-2021-24125

Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager Cloud Service Appliance EPM CSA affected versions not specified Description: A code injection vulnerability in the Ivanti EPM Cloud Services Appliance CSA allows an unauthenticated user to execute arbitrary code with...

9.8CVSS7.6AI score0.99105EPSS
Exploits9References45
Rows per page
Query Builder