Remote Code Execution Vulnerability in Ivanti CSA Admin Web Console
CVE-2024-9380
Key Information:
- Vendor: Ivanti
- CVE Published: 8 October 2024
What is CVE-2024-9380?
An OS command injection vulnerability exists in the admin web console of Ivanti Cloud Services Appliance prior to version 5.0.2. This flaw allows a remote authenticated attacker with administrative privileges to execute arbitrary commands on the server, potentially leading to significant security breaches and unauthorized access to system resources.
CISA has reported CVE-2024-9380
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2024-9380 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.
CISA's recommendation is: As Ivanti CSA 4.6.x has reached End-of-Life status, users are urged to remove CSA 4.6.x from service or upgrade to the 5.0.x line, or later, of supported solution.

Affected Version(s)
CSA (Cloud Services Appliance) 5.0.2
News Articles
CISA Warn Of Critical Ivanti CSA Vulnerabilities: Patch Now
These four Ivanti CSA Vulnerabilities were exploited in September 2024 by threat actors to compromise victim networks.
Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
Ivanti warns of active exploitation of three new CSA vulnerabilities, enabling hackers to bypass security measures.
EPSS Score
88% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- Exploit known to exist
- CISA Reported
- First article discovered by The Hacker News
- Vulnerability published
- Vulnerability Reserved