The US Cybersecurity and Infrastructure Security Agency (CISA) has added a high-risk Ivanti Virtual Traffic Manager authentication bypass vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
Tracked as CVE-2024-7593, the flaw allows a remote attacker to compromise the target system. The issue stems from an incorrect implementation of the authentication algorithm, which lets a remote attacker bypass authentication on the admin panel. Virtual Traffic Manager versions 22.2 through 22.7R1 are said to be affected.
Earlier this month, CISA flagged another critical Ivanti vulnerability, CVE-2024-8963. The flaw, present in unpatched CSA systems, allows remote, unauthenticated attackers to bypass administrative controls and access restricted functionality.
Attackers are chaining CVE-2024-8963 with the command injection bug CVE-2024-8190, which was patched last week, to gain elevated access. Through the chained exploits, attackers can bypass admin authentication entirely and execute arbitrary commands on compromised systems.