CISA mandates agencies upgrade or remove outdated Ivanti appliance after attacks

September 15, 2024
1 min read



TLDR:

  • CISA orders federal agencies to upgrade or remove end-of-life Ivanti appliance after multiple attacks.
  • The exploit affects Ivanti’s Cloud Service Appliance (CSA) and gives hackers access to devices running CSA.

Summary:

In response to multiple attacks exploiting CVE-2024-8190, the Cybersecurity and Infrastructure Security Agency (CISA) has directed all federal civilian agencies to either upgrade or remove Ivanti’s end-of-life Cloud Service Appliance (CSA). The vulnerability in CSA 4.6 allows hackers to gain access to devices running the appliance, prompting Ivanti to issue a warning and advise customers to upgrade to version 5.0 for continued support. CISA has set a deadline of October 4 for agencies to take action.
The issue comes shortly after Ivanti faced another bug that raised alarm among security defenders. The company had pledged a security overhaul in response to previous nation-state attacks. In light of recent exploits, Ivanti is urging users to check for modified or newly added administrative users, and to review security alerts if necessary. The cybersecurity community is closely monitoring the situation, as Ivanti works to address these critical vulnerabilities and strengthen its products against future threats.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and