Ivanti Releases Urgent Patches for Severe CSA Security Flaws

December 11, 2024 at 02:59 AM

•

1 min read

Ivanti Releases Urgent Patches for Severe CSA Security Flaws — Photo: The Hacker News

TL;DR Summary

Ivanti has released critical security updates for its Cloud Services Application (CSA) and Connect Secure products to address multiple vulnerabilities, including an authentication bypass (CVE-2024-11639) with a CVSS score of 10.0, and several command and SQL injection flaws. These vulnerabilities could allow remote attackers to gain administrative access and execute arbitrary code. Users are urged to update to the latest versions to mitigate potential risks, although no active exploitation has been reported yet.

Topics:technology #code-execution #ivanti #privilege-escalation #security-update #vulnerabilities #vulnerability-network-security

Share this article

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities The Hacker News
Ivanti warns of maximum severity CSA auth bypass vulnerability BleepingComputer
Critical Vulnerabilities in Ivanti CSA Let Attackers Bypass Admin Web Console Remotely CybersecurityNews
[AL-143] Critical Vulnerabilities in Ivanti Cloud Services Appliance Cyber Security Agency of Singapore

Reading Insights

Total Reads

Unique Readers

Time Saved

1 min

vs 2 min read

Condensed

77%

322 → 73 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights