InfoSecBulletin Cybersecurity for mankind
Ivanti warned that a recently fixed security flaw in its Cloud Service Appliance (CSA) is being actively exploited. CVE-2024-8190 is a high-severity vulnerability (CVSS score: 7.2) that can enable remote code execution in specific situations.
“An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution,” Ivanti noted in an advisory released earlier this week. “The attacker must have admin level privileges to exploit this vulnerability.”
Hacker claim to breach Link3; 189,000 Users data up for sale
Check Point Hosts “Securing the Hyperconnected World in the AI Era” in Dhaka
Microsoft Confirms 900+ XSS Vulns Found in IT Services
Daily Security Update Dated : 15.09.2025
IBM QRadar SIEM Vuln Let Attackers Perform Unauthorized Actions
Major Australian Banks using Army of AI Bots to Scam Scammers
F5 to acquire CalypsoAI for $180M for Advanced AI Security Capabilities
AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Attacks
CVE-2025-21043
Samsung Patched Critical Zero-Day Flaw Exploited in Android Attacks
Albania appoints world’s first AI minister, “Diella” to Tackle Corruption
The flaw affects Ivanti CSA 4.6, which is now outdated, so customers must upgrade to a supported version. It has been fixed in CSA 4.6 Patch 519.
“With the end-of-life status this is the last fix that Ivanti will backport for this version,” the Utah-based IT software company added. “Customers must upgrade to Ivanti CSA 5.0 for continued support.”
“CSA 5.0 is the only supported version and does not contain this vulnerability. Customers already running Ivanti CSA 5.0 do not need to take any additional action.”
On Friday, Ivanti reported confirmed exploitation of the flaw affecting a small group of customers.
No new details about the attacks or the identity of the threat actors were provided. However, several Ivanti product vulnerabilities have been exploited as zero-days by Chinese cyberespionage groups.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, mandating federal agencies to implement fixes by October 4, 2024.
Horizon3.ai revealed a serious deserialization vulnerability (CVE-2024-29847, CVSS score: 10.0) in Endpoint Manager (EPM) that allows for remote code execution.
