Ivanti has announced a significant patch update addressing 11 vulnerabilities across its product range, including five critical-severity issues that could potentially expose users to severe security risks. The most notable security flaw identified was CVE-2024-11639 – an authentication bypass in the Cloud Services Application (CSA), which allows remote, unauthenticated access with administrative privileges. This vulnerability was assigned a maximum CVSS score of 10 out of 10, signifying its critical nature. Additionally, the CSA also suffered from a command injection (CVE-2024-11772) and an SQL injection (CVE-2024-11773), each carrying a high CVSS score of 9.1. These flaws could enable remote code execution or the admission of arbitrary SQL statements with admin-level access. Ivanti has addressed these vulnerabilities by releasing CSA version 5.0.3, and the discoveries were credited to the cybersecurity firm CrowdStrike.
Critical Vulnerabilities in ICS and IPS
Ivanti’s security update also patched two severe defects in Connect Secure (ICS) and Policy Secure (IPS), specifically identified as CVE-2024-11633 and CVE-2024-11634. Both vulnerabilities were assigned CVSS scores of 9.1 due to their potential to allow remote code execution by authenticated attackers. To rectify these critical issues, Ivanti rolled out ICS version 22.7R2.4 and IPS version 22.7R1.2. The ICS update also resolved three additional high-severity issues, including a restriction bypass and an unauthenticated denial-of-service (DoS) vulnerability, showcasing a comprehensive approach to fortifying ICS against various attack vectors. Furthermore, Ivanti addressed other high-severity flaws in Sentry, Desktop and Server Management (DSM), and Patch SDK. These flaws could allow unauthorized modifications of sensitive components or deletion of arbitrary files, which could result in significant data breaches or system malfunctions. Notably, CVE-2024-10256 in Patch SDK is of considerable concern as it impacts multiple Ivanti products, including Endpoint Manager, Security Controls, Neurons Agent, Neurons for Patch Management, and Patch for Configuration Manager.
Importance of Timely Updates
Ivanti has assured its users that there is no evidence of these vulnerabilities being exploited in the wild, thereby emphasizing the importance of proactive measures. Users are strongly advised to update their systems to the latest versions promptly to mitigate any potential risks. This recent batch of patches follows previous significant security updates and underscores Ivanti’s commitment to reinforcing the security of their product suite. By detailedly identifying, addressing, and releasing fixes for these high-severity vulnerabilities, Ivanti continues to demonstrate vigilance and responsibility towards its user base. The company’s relentless efforts in vulnerability management exemplify a robust security strategy, urging all users to stay up-to-date with the latest patches to protect their infrastructure comprehensively.
