8 matches found
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance CSA has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the...
Legacy Ivanti Cloud Service Appliance Being Exploited
CISA wants everyone--and government agencies in particular--to remove or upgrade an Ivanti Cloud Service Appliance CSA that is no longer being supported. Welcome to the security nightmare that is the Internet of Things...
Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities
Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager EPM, including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows - CVE-2024-29847 CVSS score: 10.0 - A deserialization of...
Security Advisory Ivanti Cloud Service Appliance (CSA) (CVE-2024-8190)
Summary Ivanti has released a security update for Ivanti CSA 4.6 which addresses a high severity vulnerability. Successful exploitation could lead to unauthorized access to the device running the CSA. Dual-homed CSA configurations with eth0 as an internal network, as recommended by Ivanti, are at...
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Ivanti Endpoint Manager Cloud Service Appliance EPM CSA contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions nobody...
VulnCheck KEV: CVE-2021-44529
Ivanti Endpoint Manager Cloud Service Appliance EPM CSA contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions nobody...
Ivanti Endpoint Manager CSA 4.5 / 4.6 Remote Code Execution
Exploit Title: Ivanti Endpoint Manager - Cloud Service Appliance Unauthenticated Remote Code Execution Date: 20/03/2022 Exploit Author: d7x Vendor Homepage: https://www.ivanti.com/ Software Link: https://forums.ivanti.com/s/article/Customer-Update-Cloud-Service-Appliance-4-6 Version: CSA 4.6 4.5 ...
PT-2021-24125
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager Cloud Service Appliance EPM CSA affected versions not specified Description: A code injection vulnerability in the Ivanti EPM Cloud Services Appliance CSA allows an unauthenticated user to execute arbitrary code with...