Ivanti has released crucial security updates addressing multiple critical vulnerabilities in its Cloud Services Application (CSA) and Connect Secure products. The vulnerabilities pose significant risks of privilege escalation and code execution.
Key Vulnerabilities:
– CVE-2024-11639 (CVSS 10.0): Authentication bypass in CSA admin console
– CVE-2024-11772 (CVSS 9.1): Command injection vulnerability in CSA admin console
– CVE-2024-11773 (CVSS 9.1): SQL injection vulnerability in CSA admin console
– CVE-2024-11633 (CVSS 9.1): Argument injection in Connect Secure
– CVE-2024-11634 (CVSS 9.1): Command injection in Connect Secure and Policy Secure
– CVE-2024-8540 (CVSS 8.8): Insecure permissions in Ivanti Sentry
Updated Secure Versions:
– CSA: Version 5.0.3
– Connect Secure: Version 22.7R2.4
– Policy Secure: Version 22.7R1.2
– Sentry: Versions 9.20.2, 10.0.2, and 10.1.0
While Ivanti reports no active exploitation of these vulnerabilities, immediate updates are strongly recommended given the history of state-sponsored attacks targeting previous Ivanti product vulnerabilities.
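As an added example (not part of the original article or of any Ivanti tooling), the script below checks a constructed inventory of Ivanti product versions against the fixed versions listed above and reports which hosts still need the update. It assumes that Ivanti's "22.7R2.4"-style version strings compare numerically once the "R" is treated as a separator, and that an installed build on the same branch as a fixed release is patched only when it is at or above that release; host names and installed versions are constructed sample data.

```python
"""Flag Ivanti CSA, Connect Secure, Policy Secure and Sentry installs that are
below the fixed versions named in the advisory summary (added example)."""
import re
from typing import Dict, List, Tuple

# Fixed versions exactly as listed in the advisory summary.
FIXED_VERSIONS: Dict[str, List[str]] = {
    "CSA": ["5.0.3"],
    "Connect Secure": ["22.7R2.4"],
    "Policy Secure": ["22.7R1.2"],
    "Sentry": ["9.20.2", "10.0.2", "10.1.0"],
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '22.7R2.4' into (22, 7, 2, 4).

    Assumption: the 'R' in Ivanti's numbering is just another separator, so
    tuples of integers compare in release order.
    """
    parts = re.split(r"[.R]", version.strip())
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(p) for p in parts)


def is_patched(product: str, installed: str) -> bool:
    """True when the installed build is at or above the fixed release for its branch."""
    fixes = [parse_version(v) for v in FIXED_VERSIONS[product]]
    inst = parse_version(installed)
    # Prefer a fixed release on the same major.minor branch (Sentry ships
    # separate fixes for 9.20, 10.0 and 10.1).
    same_branch = [f for f in fixes if f[:2] == inst[:2]]
    if same_branch:
        return inst >= min(same_branch)
    # Otherwise compare against the oldest fixed release of the same major.
    same_major = [f for f in fixes if f[0] == inst[0]]
    if same_major:
        return inst >= min(same_major)
    # No fixed release on this major: only builds newer than every fix count as patched.
    return inst > max(fixes)


def audit(inventory: List[Tuple[str, str, str]]) -> Dict[str, str]:
    """Map each host to 'patched' or 'update required'."""
    return {
        host: ("patched" if is_patched(product, version) else "update required")
        for host, product, version in inventory
    }


# Constructed sample inventory: (host, product, installed version).
SAMPLE_INVENTORY = [
    ("csa-01", "CSA", "5.0.2"),
    ("csa-02", "CSA", "5.0.3"),
    ("vpn-01", "Connect Secure", "22.7R2.3"),
    ("vpn-02", "Connect Secure", "22.7R2.4"),
    ("nac-01", "Policy Secure", "22.7R1.1"),
    ("mdm-01", "Sentry", "10.0.1"),
    ("mdm-02", "Sentry", "9.19.0"),
    ("mdm-03", "Sentry", "10.1.0"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Run against a real asset inventory, the "update required" entries are the hosts to prioritise; a version string the parser does not recognise raises rather than silently passing, so unusual builds get a manual look instead of a false "patched".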