Ivanti CSA: OS command injection (CVE-2024-8190) #shorts #breaking

CVE

This CVE relates to an operating system command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and earlier. It is not a zero-day vulnerability as it was discovered a month ago, and there is a proof of concept exploit available. Attackers with administrative privileges can leverage this flaw to achieve remote code execution. While the specific targets of this vulnerability have not been publicly disclosed, it significantly impacts the security of the affected Ivanti CSA deployments.

Watch the full video on YouTube: CVE-2024-8190

Remediation and exploitation details

This chain involves the following actors

This following systems are involved

Attack entry point

Remediation actions

Exploitation actions

Related Content

NOTE: The following related content has not been vetted and may be unsafe.

CVE database technical details

CVE ID
CVE-2024-8190
Description
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
Provider
ivanti
CWE / problem types
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Affected Software Versions
Ivanti:CSA (Cloud Services Appliance):[{'status': 'unaffected', 'version': '4.6 Patch 519', 'versionType': 'custom'}, {'status': 'unaffected', 'version': '5.0', 'versionType': 'custom'}]
Date Published
2024-09-10T20:33:44.793Z
Last Updated
2024-09-16T13:24:41.628Z