Critical Auth Bypass Flaw in Ivanti CSA Puts Admin Access at Risk – Patch Now Available

Critical Security Alert: Ivanti Patches Severe Authentication Bypass Vulnerability

Ivanti has issued an urgent security advisory regarding a critical authentication bypass vulnerability (CVE-2024-11639) affecting its Cloud Services Appliance (CSA) solution. The flaw, discovered by CrowdStrike’s Advanced Research Team, allows unauthorized remote attackers to obtain administrative access on systems running CSA 5.0.2 or earlier versions.

Key Points:
– Severity: Maximum
– Affected Version: CSA 5.0.2 and earlier
– Solution: Upgrade to CSA 5.0.3
– Current Status: No known exploits in the wild

Recent Security Timeline:
September 2023:
– CVE-2024-8190 (Remote Code Execution)
– CVE-2024-8963 (Admin Authentication Bypass)

October 2023:
– CVE-2024-9379 (SQL Injection)
– CVE-2024-9380 (OS Command Injection)
– CVE-2024-9381 (Path Traversal)

Additional Updates:
Ivanti has simultaneously released patches for various security vulnerabilities affecting multiple products:
– Desktop and Server Management (DSM)
– Connect Secure and Policy Secure
– Sentry
– Patch SDK

Impact:
With over 40,000 companies using Ivanti's products for system and IT asset management, this security update is crucial for maintaining organizational security. The company has enhanced its testing procedures and disclosure process to address vulnerabilities more efficiently, following earlier zero-day exploits targeting its VPN appliances and various gateway products.