Security News > 2024 > October > Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
2024-10-08 16:38
Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software services provider said. Successful exploitation of these vulnerabilities could allow an authenticated
News URL
https://thehackernews.com/2024/10/zero-day-alert-three-critical-ivanti.html
Related news
- Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now (source)
- Ivanti fixes three critical flaws in Connect Secure & Policy Secure (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws (source)
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) (source)
- Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released (source)
- CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)