CVE-2024-8190

Name of the Vulnerable Software and Affected Versions Ivanti Cloud Services Appliance versions 4.6 Patch 518 and earlier

Description An OS command injection vulnerability in Ivanti Cloud Services Appliance allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability. The vulnerability is being actively exploited in the wild, and it could lead to full system compromise, especially since Ivanti CSA 4.6 has reached end-of-life. A proof-of-concept (PoC) exploit for this flaw has been released.

Recommendations For Ivanti Cloud Services Appliance versions 4.6 Patch 518 and earlier, upgrade to version 5.0 to mitigate the risks. As a temporary workaround, consider restricting access to the vulnerable module to minimize the risk of exploitation. Avoid using administrative privileges unless necessary, and ensure that all users with admin level privileges are aware of the potential risks. Apply the security update released by Ivanti for Ivanti CSA 4.6 to address the high severity vulnerability.