US CISA urges agencies to address vulnerable Ivanti appliance

Federal agencies have been urged to upgrade or remove Ivanti’s outdated Cloud Service Appliance (CSA) due to a critical vulnerability, CVE-2024-8190, that has been exploited in recent attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to either remove or upgrade an outdated Ivanti appliance that has been exploited in recent attacks.

Ivanti updated its advisory, warning that a ‘limited number of customers’ had been breached due to the vulnerability CVE-2024-8190, which was disclosed earlier in the week. The flaw affects Ivanti’s Cloud Service Appliance (CSA), a tool used for secure internet communication and managing devices connected to central consoles. Exploitation of this bug, which CISA confirmed, allows hackers to gain access to the affected device.

CISA has mandated that all federal civilian agencies remove the appliance or upgrade to version 5.0 by October 4. Ivanti advised customers to check for any new or modified administrative users, which could indicate exploitation of the bug, and to monitor security alerts with specific tools.

This advisory came just one day after another Ivanti vulnerability raised concerns. The company, which faced significant scrutiny after a series of high-profile nation-state attacks exploited its products earlier this year, has committed to a security overhaul.