Tag: Ivanti
-
The Register: CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
Source URL: https://www.theregister.com/2024/10/10/cisa_ivanti_fortinet_vulns/ Source: The Register Title: CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame Feedly Summary: Usual three-week window to address significant risks to federal agencies applies The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products are now being exploited, earning them places in…
-
Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2024/10/09/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23113 Fortinet Multiple Products Format String Vulnerability CVE-2024-9379 Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability CVE-2024-9380 Ivanti Cloud Services Appliance (CSA) OS Command Injection…
-
The Register: Ivanti patches exploited admin command execution flaw
Source URL: https://www.theregister.com/2024/09/20/patch_up_ivanti_fixes_exploited/ Source: The Register Title: Ivanti patches exploited admin command execution flaw Feedly Summary: Fears over chained attacks affecting EOL product The US Cybersecurity and Infrastructure Security Agency (CISA) just added the latest Ivanti weakness to its Known Exploited Vulnerability (KEV) catalog, a situation sure to annoy some – given that it’s yet…
-
Alerts: Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance
Source URL: https://www.cisa.gov/news-events/alerts/2024/09/19/ivanti-releases-admin-bypass-security-update-cloud-services-appliance Source: Alerts Title: Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance Feedly Summary: Ivanti has released a security update to address an admin bypass vulnerability (CVE-2024-8963) affecting Ivanti Cloud Services Appliance (CSA) version 4.6. A cyber threat actor could exploit this vulnerability in conjunction with CVE-2024-8190–detailed in a Sept. 13…
-
Alerts: Ivanti Releases Security Update for Cloud Services Appliance
Source URL: https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance Source: Alerts Title: Ivanti Releases Security Update for Cloud Services Appliance Feedly Summary: Ivanti has released a security update addressing an OS command injection vulnerability (CVE-2024-8190) affecting Ivanti Cloud Services Appliance (CSA) 4.6 (all versions before patch 519). A cyber threat actor could exploit this vulnerability to take control of an affected…