InfoSecBulletin Cybersecurity for mankind
Ivanti issued a security advisory about two important vulnerabilities in its Neurons for IT Service Management (ITSM) platform. Customers using the on-premise version should act quickly. The vulnerabilities (CVE-2024-7569 and CVE-2024-7570) affect Ivanti Neurons for ITSM versions 2023.4 and older, putting them at risk of unauthorized data access and system compromise.
Vulnerabilities and Potential Impacts:
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
Vulnerability CVE-2024-7569 has a high severity score of 9.6. It allows an unauthenticated attacker to access the OIDC client secret through exposed debug information, which could lead to unauthorized access to sensitive information within the ITSM environment.
The vulnerability is a big concern for organizations that use OIDC authentication in their ITSM systems. If the client secret is exposed, the authentication process could be compromised. This means attackers could pretend to be real users or services.
The second vulnerability, CVE-2024-7570, has a CVSS score of 8.3 and stems from the improper validation of certificates in Ivanti Neurons for ITSM. This weakness allows a malicious actor positioned in the Man-in-the-Middle (MITM) to create a harmful token, which grants undesired access to the ITSM system, posing as any user. The repercussions of this vulnerability are extremely grave, as unauthorized access, data manipulation, or even the critical disruption of IT services can occur.
Patch Availability and Urgency for On-Premise Customers:
Ivanti has fixed vulnerabilities in their cloud-based Ivanti Neurons for ITSM as of August 4, protecting cloud customers. On-premise customers using versions 2023.4 and earlier should apply the available patches quickly to reduce the risks from these vulnerabilities.
Impact and Recommendations:
These vulnerabilities affect customers using Ivanti Neurons for ITSM with OIDC authentication. Ivanti hasn’t seen these vulnerabilities being exploited, but it’s important to act quickly due to the critical nature of the issues.
