#VU97119 OS Command Injection in Ivanti Cloud Services Appliance (CSA) - CVE-2024-8190
Published: September 10, 2024 / Updated: September 20, 2024
Vulnerability identifier: #VU97119
Vulnerability risk: Critical
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2024-8190
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vulnerable software:
Ivanti Cloud Services Appliance (CSA)
Ivanti Cloud Services Appliance (CSA)
Software vendor:
Ivanti
Ivanti
Description
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote privileged user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Note, the vulnerability is being actively exploited in the wild as of September 13 in conjunction with #VU97617 (CVE-2024-8963), which leads to remote unauthenticated code execution.
Remediation
Install updates from vendor's website.