OS Command Injection in Ivanti Cloud Services Appliance (CSA) - CVE-2024-8190
Published: September 10, 2024 / Updated: September 20, 2024
Vulnerability identifier: #VU97119
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2024-8190
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: Ivanti
Affected software:
Ivanti Cloud Services Appliance (CSA)
Ivanti Cloud Services Appliance (CSA)
Detailed vulnerability description
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote privileged user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Note, the vulnerability is being actively exploited in the wild as of September 13 in conjunction with #VU97617 (CVE-2024-8963), which leads to remote unauthenticated code execution.
How to mitigate CVE-2024-8190
Install updates from vendor's website.